Profile

unixronin: Galen the technomage, from Babylon 5: Crusade (Default)
Unixronin

December 2012

S M T W T F S
      1
2345678
9101112131415
16171819202122
23242526272829
3031     

Most Popular Tags

Expand Cut Tags

No cut tags

June 20th, 2004

unixronin: Galen the technomage, from Babylon 5: Crusade (Default)
Sunday, June 20th, 2004 02:21 pm
unixronin: Galen the technomage, from Babylon 5: Crusade (Techno)
Sunday, June 20th, 2004 02:50 pm

Many 2.4.x and 2.6.x kernels on x86 and x86-64 are vulnerable to a DOS which allows the kernel to be crashed by running an unprivileged program.

"There's a path into the kernel where if there is a pending FP error, the kernel will end up taking an FP exception, and it will continue to take the FP exception forever. Duh." -Linus Torvalds

If you enabled Magic SysRq (CONFIG_MAGIC_SYSRQ=y, found in make menuconfig at Kernel hacking -> Magic SysRq key) in your kernel you can cleanly reboot if evil freezes your system with the following keyboard combination:

  1. Alt-SysRq-R (keyboard in raw mode)
  2. Alt-SysRq-S (save unsaved data to disk)
  3. Alt-SysRq-E (send termination signal)
  4. Alt-SysRq-I (send kill signal)
  5. Alt-SysRq-U (remount all mounted file systems)
  6. Alt-SysRq-B (reboots the system)

See the article above for patches for 2.4 and 2.6 kernels for x86 and x86-64 architectures.  Direct links to the most common patches:

The exploit cannot do any damage after applying the patch, but it will continue to consume 99% of CPU until killed.