NetBSD "cpu-hog" Denial of Service Vulnerability

In 4.x BSD based unix-variants, code running in the kernel must hand over the CPU voluntarily. If a system call runs for an extended period of time for whatever reason and does not yield the CPU, it is not forced to. Along with this, there are a number of tricks regular users can play to make systemcalls run for a long period of time. As a result, it is possible for malicious users to deny other processes CPU time by consuming all of it and cause a denial of service.


 

Privacy Statement
Copyright 2010, SecurityFocus