Bug 302921 (CVE-2006-6921)
Summary: | CVE-2006-6921 kernel: denial of service with wedged processes | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Mark J. Cox <mjc> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | unspecified | CC: | gnichols, johnp, kernel-maint, kernel-mgr, kreilly, kseifried, rt-maint |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6921 | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2011-09-29 16:42:56 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 221403, 221414, 229882, 302931 | ||
Bug Blocks: |
Description
Mark J. Cox
2007-09-24 10:55:36 UTC
From Albert Cahalan: Normally, when a process dies it becomes a zombie. If the parent dies (before or after the child), the child is adopted by init. Init will reap the child. The program included below DOES NOT get reaped. Do like so: gcc -m32 -O2 -std=gnu99 -o foo foo.c while true; do killall -9 foo; ./foo; sleep 1; done BTW, it gets even better if you start playing with ptrace. Use the "strace" program (following children) and/or start sending rapid-fire SIGKILL to all the various _threads_ in the processes. You can get processes wedged in a wide variety of interesting states. I've seen "X" state, processes sitting around with pending SIGKILL, a process stuck in "D" state supposedly core dumping despite ulimit 0 on the core size, etc. This issue does not affect versions of kernels shipped in RHEL2.1 or RHEL3. All children bugs have been closed, parent is no longer needed. |