Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 24 Sep 1999 07:32:40 -0700
From:      Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>
To:        Adrian Penisoara <ady@freebsd.ady.ro>
Cc:        "Charles M. Hannum" <root@IHACK.NET>, BUGTRAQ@SECURITYFOCUS.COM, freebsd-security@FreeBSD.ORG
Subject:   Re: FreeBSD-specific denial of service 
Message-ID:  <199909241433.HAA63586@cwsys.cwsent.com>
In-Reply-To: Your message of "Fri, 24 Sep 1999 17:02:25 %2B0300." <Pine.BSF.4.10.9909241652530.35644-100000@ady.warpnet.ro>
next in thread | previous in thread | raw e-mail | index | archive | help 
In message <Pine.BSF.4.10.9909241652530.35644-100000@ady.warpnet.ro>, 
Adrian Pe
nisoara writes:
> Hi,
> 
> On Tue, 21 Sep 1999, Charles M. Hannum wrote:
> 
> > [Resending once, since it's been 10.5 days...]
> > 
> > Here's an interesting denial-of-service attack against FreeBSD >=3.0
> > systems.  It abuses a flaw in the `new' FreeBSD vfs_cache.c; it has no
> > way to purge entries unless the `vnode' (e.g. the file) they point to
> > is removed from memory -- which generally doesn't happen unless a
> > certain magic number of `vnodes' is in use, and never happens when the
> > `vnode' (i.e. file) is open.  Thus it's possible to chew up an
> > arbitrary amount of wired kernel memory relatively simply.
> > 
> 
>  Seems to be fixed in CVS version 1.38.2.3 of vfs_cache.c for RELENG_3
> branch (meaning 3.3-STABLE) -- could you please check again ?
> 
>  Commit log:
> 
>    Limit aliases to a vnode in the namecache to a sysctl tunable
>    'vfs.cache.maxaliases'. This protects against a DoS via thousands of
>    hardlinks to a file wiring down all kernel memory.

In other words this has been fixed in 3.3-RELEASE.


Regards,                       Phone:  (250)387-8437
Cy Schubert                      Fax:  (250)387-5766
Open Systems Group          Internet:  Cy.Schubert@uumail.gov.bc.ca
ITSD                                   Cy.Schubert@gems8.gov.bc.ca
Province of BC
                      "e**(i*pi)+1=0"





To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199909241433.HAA63586>