Vigil@nce: Linux kernel, denial of service via unix socket
December 2010 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
A local attacker can use several Unix sockets to create a denial
of service.
– Severity: 1/4
– Creation date: 29/11/2010
DESCRIPTION OF THE VULNERABILITY
The vulnerability VIGILANCE-VUL-10149
(https://vigilance.fr/tree/1/10149) uses several Unix sockets to
create a denial of service in the garbage collector. It was
corrected with a purge threshold after 16000 sockets.
However, an attack variant was published. It is faster, so it
requires a lower purging threshold.
A local attacker can therefore use several Unix sockets to create
a denial of service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Linux-kernel-denial-of-service-via-unix-socket-10158