Date: Mon, 10 May 1999 12:05:26 -0700 (PDT) From: dima@best.net (Dima Ruban) To: Don.Lewis@tsc.tdk.com (Don Lewis) Cc: nate@mt.sri.com (Nate Williams), truckman@FreeBSD.org (Don Lewis), cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/kern uipc_usrreq.c Message-ID: <199905101905.MAA29210@burka.rdy.com> In-Reply-To: <199905101901.MAA24520@salsa.gv.tsc.tdk.com> from Don Lewis at "May 10, 1999 12:01:06 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
Don Lewis writes: > I'm pretty sure that's a different leak. The KKIS (unintentionally I > think) exploits a bug in the code that implements the passing of > descriptors across Unix domain datagram sockets. If there is a failure in > the middle of the operation, there is an extra reference to the descriptor > which is being passed that gets orphaned. The reason I think this exploit > is unintentional in FreeBSD >= 3.1, is that it exploits another bug in > older versions of FreeBSD that pretty quickly provokes a panic. The > descriptor leak takes longer to DoS the machine. > > BTW, should someone prepare a patch for both bugs in 2.2.X? I was just gonna suggest this. We still use 2.x-stable in the production enviroment. > > I haven't observed the other leak. It looks like a problem with stream > sockets. > -- dima To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199905101905.MAA29210>