Bug 53693 - System crash kernel hang sending data to socket as normal user
Summary: System crash kernel hang sending data to socket as normal user
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: kernel   
(Show other bugs)
Version: 7.1
Hardware: i386
OS: Linux
Target Milestone: ---
Assignee: David Miller
QA Contact: Brock Organ
URL: http://www.javascript-games.org/socke...
Keywords: Security
Depends On:
TreeView+ depends on / blocked
Reported: 2001-09-15 12:28 UTC by Scott Porter
Modified: 2007-04-18 16:37 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2002-12-18 14:14:51 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Scott Porter 2001-09-15 12:28:11 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)

Description of problem:
While testing a java server, I wrote a small C program to send data out to 
a socket. I created a bug, which meant a large amount of data was pushed 
in one write, the data itself didn't exist (pointer error).

The result, which is easily replicated, is a complete system crash, even 
though the program itself is not running as root. Possible exploit? 
Everything stops; network, video, keyboard, disk. No logs are generated so 
far as I can tell.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Download the tarball from the URL I supplied above.
2. Either build the program, or run the included version.
3. Watch everything stop :-)

Actual Results:  System crash.

Expected Results:  System running :-) Program should send data out to 
socket. Expected a segfault due to bug.

Additional info:

Comment 1 David Miller 2001-09-20 23:52:53 UTC
You don't mention which kernel version or rpm you are using.
Nevertheless can you try to reproduce this with our latest
errata kernels?

There was a similar bug like this at one point, and it may be
present in the kernel which shipped in 7.1

Comment 2 Scott Porter 2001-09-21 08:28:16 UTC
Ok, this is the stock install of RH 7.1. on various hardware (same results on 
each). No changes to the Kernel (normal kernel, not Enterprise or SMP). Apart 
from the Ximian desktop, the install is standard in each case. I'll download 
the errata rpms to test (will take a while, I'm on a modem!)

Comment 3 Michael K. Johnson 2002-01-18 20:11:33 UTC
Please try updating to the errata release first.  You can use up2date
to do so.

Note You need to log in before you can comment on or make changes to this bug.