NetBSD "cpu-hog" Denial of Service Vulnerability
BID:1272
Info
NetBSD "cpu-hog" Denial of Service Vulnerability
| Bugtraq ID: | 1272 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | May 28 2000 12:00AM |
| Updated: | May 28 2000 12:00AM |
| Credit: | First made public in NetBSD security advisory NetBSD-SA2000-005, published on May 28, 2000. |
| Vulnerable: |
NetBSD NetBSD 1.4.2 x86 NetBSD NetBSD 1.4.2 SPARC NetBSD NetBSD 1.4.2 arm32 NetBSD NetBSD 1.4.2 Alpha NetBSD NetBSD 1.4.1 x86 NetBSD NetBSD 1.4.1 SPARC NetBSD NetBSD 1.4.1 arm32 NetBSD NetBSD 1.4.1 Alpha |
| Not Vulnerable: | |
Discussion
NetBSD "cpu-hog" Denial of Service Vulnerability
In 4.x BSD based unix-variants, code running in the kernel must hand over the CPU voluntarily. If a system call runs for an extended period of time for whatever reason and does not yield the CPU, it is not forced to. Along with this, there are a number of tricks regular users can play to make systemcalls run for a long period of time. As a result, it is possible for malicious users to deny other processes CPU time by consuming all of it and cause a denial of service.
In 4.x BSD based unix-variants, code running in the kernel must hand over the CPU voluntarily. If a system call runs for an extended period of time for whatever reason and does not yield the CPU, it is not forced to. Along with this, there are a number of tricks regular users can play to make systemcalls run for a long period of time. As a result, it is possible for malicious users to deny other processes CPU time by consuming all of it and cause a denial of service.
Exploit / POC
NetBSD "cpu-hog" Denial of Service Vulnerability
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution / Fix
NetBSD "cpu-hog" Denial of Service Vulnerability
Solution:
From the advisory:
For NetBSD 1.4, 1.4.1, and 1.4.2: A patch is available in
ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/patches/20000527-yield
For NetBSD-current:
NetBSD-current since 20000420 contains all the fixes, and is not vulnerable. Users of NetBSD-current should upgrade to a source tree dated 20000420 or later.
Solution:
From the advisory:
For NetBSD 1.4, 1.4.1, and 1.4.2: A patch is available in
ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/patches/20000527-yield
For NetBSD-current:
NetBSD-current since 20000420 contains all the fixes, and is not vulnerable. Users of NetBSD-current should upgrade to a source tree dated 20000420 or later.