[Warning] A vulnerability in Linux kernels prior to 2.6.37-rc3-next-20101125


DLow

A vulnerability in Linux kernels prior to 2.6.37-rc3-next-20101125 allows a local user to cause a denial of service attack on your server. So this is a good time to cross check the level of access you’ve granted to the users on your server. If you’ve recently been experiencing high loads and server crashes, with no apparent network activity, you could be one of the very few victims of this attack.

The wait_for_unix_gc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service (system hang) via crafted use of the socketpair and sendmsg system calls for SOCK_SEQPACKET sockets.
For more details about this vulnerability you can refer to this link. If you would like to apply the patch yourself, it is available here. According to David Miller, the patch should be applied to all stable releases by now. So if you’ve enabled automated updates, your kernels should already be patched.
 