Subject: kern/28929: fcntl F_CLOSEM can hang entire system
To: None <kern-bug-people@netbsd.org, gnats-admin@netbsd.org,>
From: None <marcotte@panix.com>
List: netbsd-bugs
Date: 01/10/2005 16:09:01
>Number: 28929
>Category: kern
>Synopsis: fcntl F_CLOSEM can hang entire system
>Confidential: yes
>Severity: critical
>Priority: high
>Responsible: kern-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Mon Jan 10 16:09:01 +0000 2005
>Originator: Brian Marcotte
>Release: NetBSD 2.0
>Organization:
Panix
>Environment:
System: NetBSD panix5.panix.com 2.0 NetBSD 2.0 (PANIX-USER) #1: Fri Jan 7 20:17:17 EST 2005 root@trinity.nyc.access.net:/devel/netbsd/2.0/src/sys/arch/i386/compile/PANIX-USER i386
Architecture: i386
Machine: i386
>Description:
An ordinary user can use fcntl(0,F_CLOSEM) and immediately hang
the entire system.
This, of course, is a local denial of service attack.
>How-To-Repeat:
If you compile and run this program, the system immediately locks
up. You do NOT need to be root.
#include <fcntl.h>

int
main()
{
	/* F_CLOSEM closes every descriptor >= the given fd (here 0). */
	fcntl(0, F_CLOSEM);
}
>Fix:
Don't know.