June 14th, 2004, 04:33 PM
New Kernel Crash-Exploit discovered
A bug lets a simple C program crash the kernel, effectively locking the whole system. Affects both 2.4.2x and 2.6.x kernels on the x86 architecture.
Not good at all and what makes it worse........
Using this exploit to crash Linux systems requires the (ab)user to have shell access. The program works on any normal user account, root access is not required.
Not all distro's affected
Full article -
"Where the tree of knowledge stands, there is always paradise": thus speak the oldest and the youngest serpents.
- Friedrich Nietzsche
June 14th, 2004, 04:45 PM
I tested this exploit on a 2.6.5-gentoo-r1 kernel, and can confirm this locks your computer solid. However, when I tried it on a dual-processor box with the same kernel source, it only crashed 1 CPU.
If you have a SMP box with hangcheck timer support compiled in, perhaps you could use it to automatically reinitialise the crashed processor. Not a perfect solution, but it's better than nothing. Of course, I might've just misunderstood the purpose of the hangcheck timer and it might not offer any protection whatsoever...
June 15th, 2004, 12:48 AM
When they said simple "C" program they weren't kidding! When I get the time, I'll have to try it on SuSE & RH to see if they crash. I would imagine all 2.6.xx kernels, if not now vulnerable, could be shortly. Patch time regardless.
Thanks for the thread!
Connection refused, try again later.
June 15th, 2004, 04:21 AM
I know there's a lot of SuSE users that float around on here. If you use the kernel provided by SuSE (and the subsequent upgrades they provide through YOU) then you are vulnerable to this code.
The server hung instantly. So far SuSE has not released an update through YOU and I will let you know when one is released, for now SuSE users are going to have to patch the kernel themselves.
suse:~ # uname -a
Linux suse 2.6.4-54.5-default #1 Fri May 7 21:43:10 UTC 2004 i686 i686 i386 GNU/Linux
suse:~ # gcc -o test test.c
test.c: In function `Handler':
test.c:8: warning: use of memory input without lvalue in asm operand 0 is deprecated
test.c:10: warning: use of memory input without lvalue in asm operand 0 is deprecated
suse:~ # ./test
IT Blog: .:Computer Defense:.
(Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".
June 15th, 2004, 06:20 AM
Computers do not have problems, they have users.
June 15th, 2004, 10:17 AM
I cant open any of the 2 links provided in this thread, i keep getting a 'timeout' error. Is anyone else having that same problem?
Ubuntu-: Means in African : "Im too dumb to use Slackware"
June 15th, 2004, 10:38 AM
no problem here..
if all else fails (retry) try using a proxy..
ASCII stupid question, get a stupid ANSI.
When in Russia, pet a PETSCII.
Get your ass over to SLAYRadio
the best station for C64 Remixes !