I have not poked around then internet on this much....
Nasty Linux kernel crash exploit found
Posted 06/14/2004 @ 10:33 AM, by E.B.
Linux Reviews is reporting the discovery of a kernel crash exploit that
affects almost all 2.4.x and 2.6.x kernels on x86 systems. What is
particularly troublesome about it is that having root privileges is not
necessary. When executed by any user with shell access, the brief C program
will crash the kernel, bringing the entire system to a screeching halt. It
is reported that even grsecurity-patched kernels are vulnerable to the
exploit. Virtually all distributions are affected, with the exception of a
couple of Gentoo patches. On the following systems, all that happens is a
"floating point exception" error and the code exits without doing further
harm:
Linux nudge 2.6.5-1um i686 (the user-mode Linux kernel) Dylan Smith
Linux Kernel 2.6.4 SMP patched with staircase scheduler Guille
Linux kernel 2.4.26-rc3-gentoo (gcc 3.3.3)
Linux kernel 2.4.26_pre6-gentoo (gcc 3.3.2)
2.2.19-kernel
It is unclear why these specific Gentoo patch sets of the 2.4.26 kernel are
safe. Other versions of the Gentoo kernel are not.
Generally, to do serious harm to a Linux system, one needs root access, but
this small program is the exception to that. We tried it out in the Orbiting
HQ and it worked as advertised, hard-locking the test machine and requiring
a reboot. The crash also left the hard drive "dirty," requiring a fsck.
Unfortunately, the possibilities of how this could be used are numerous. For
instance, one could stick the program in a cron job on a shared web server
and wreak all sorts of havoc on the webhost.
There are some workarounds available - Linux Review has a few, and it is
certain that more will soon be circulating on Linux mailing lists. Aside
from the crashing your system and dirtying your drive, the exploit will not
do any lasting damage to your system. However, given the nature of this
exploit, it will likely prove to be a major inconvenience for many until
patches are widely available.
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 17:43:09 EDT