Re: inode->i_count security hole

Chris Evans (chris@ferret.lmh.ox.ac.uk)
Mon, 12 Jan 1998 14:39:38 +0000 (GMT)


On Mon, 12 Jan 1998, Alan Cox wrote:

> > Looking forward to 2.0.34 (with idt mem leak fix? This could be used as a
> > local DoS)
>
> Actually you can do better than a DoS attack with it. The fix is to make
> i_count a long at the moment.

Yes I know its a potential ->root hole. The (potential) DoS I was
referring to is the idt mem leak in arch/i386/process.c

> A related one kills every Unix we've tested stone dead.

Ouch, including OpenBSD? Heh heh heh.

Chris