SecurityReason.com - Our Reason is

Security

Register | Forget Password | Login
SecurityReason
WLB
Services
RSS
Corporate
Note

If you have found a vulnerability, please send to our SecurityAlert Database :
secalert()securityreason()com

Also if you have new ( 0-day ) exploit, please send to our ExploitAlert Archive :
exploit()securityreason()com

Home arrow SecurityAlert Database

Arrow  Topic :

soft lockups/OOM after unix socket fixes


Arrow  SecurityAlert : 4673
Arrow  CVE : CVE-2008-5300
Arrow  CWE : CWE-399
Arrow  SecurityRisk : Low  Security Risk Low  (About)
Arrow  Remote Exploit : No
Arrow  Local Exploit : Yes
Arrow  Victim interaction required : No
Arrow  Exploit Available : Yes
Arrow  Credit : dann frazier
Arrow  Published : 03.12.2008

Arrow  Affected Software : solaris_libfont
solaris_libxfont
xserver:1.4 and previous versions



Arrow  Advisory Content :  


hey,
I'm noticing that if I run the unix.c program from <A NAME="-1"></A>[1] in
a tight
loop on 2.6.28-rc5, I get frequent soft lockups. Eventually, the OOM
killer kicks in and starts taking out other processes.

I've posted a console log here:
http://free.linux.hp.com/~dannf/unix-soft-lockups.log

<A NAME="1"></A>[1] http://marc.info/?l=linux-netdev&m=122593044330973&w=2


--
dann frazier
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
<b>[prev in list] [next in list] [<font color="#c0c0c0">prev in
thread</font>] [<font color="#c0c0c0">next in thread</font>] </b>
</pre>
</pre><br><center>
Configure |

About |
News |
Donate |
Add a list |
Sponsors: 10East, KoreLogic, Terra-International, Chakpak.com
</center>
</body>
</html>


Arrow  References :

https://bugzilla.redhat.com/show_bug.cgi?id=470201
http://marc.info/?l=linux-netdev&amp;m=122765505415944&amp;w=2
http://marc.info/?l=linux-netdev&amp;m=122721862313564&amp;w=2




Arrow  Feedback :

If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com.
Alert

libc:fts_*() Multiple Denial of Service

Security Risk Medium- 2009-10-02

The fts functions are provided for traversing UNIX file hierarchies...

Apache RSS Apache Alert

» Apache 1.3.41 mod_proxy
   Integer overflow (code
   execution)

» Apache Tomcat 6.0.20 and
   5.5.28 unexpected file
   deletion in work
   directory

» Apache Tomcat 6.0.20 and
   5.5.28 insecure partial
   deploy after failed
   undeploy

» Apache Tomcat 6.0.20 and
   5.5.28 unexpected file
   deletion and/or
   alteration

PHP RSS PHP Alert

» PHP 5.2.12/5.3.1
   session.save_path
   safe_mode and
   open_basedir bypass

» PHP 5.2.12/5.3.1 Multiple
   Vulnerabilities

» PHP 5.2.11 libgd multiple
   vulnerabilities

» PHP 5.2.11 tempnam()
   safe_mode bypass

Copyright © SecurityReason.com. All Rights Reserved.