Follow

Multiple TCP-based remote denial of service issues found in Linux and FreeBSD kernels:

openwall.com/lists/oss-securit

@fribbledom it is worse than DoS in my opinion. Kernel panic is like MS Windows BSOD.

@nergal @fribbledom Still technically DoS. It causes a scenario where service is denied, most boxes should be able to recover after a moment.

@gudenau @fribbledom you mean once there is an NMI watchdog? I don't remember what NMI means but I always try to disable it on laptops.

@gudenau @fribbledom servers and clients' kernels differ little yes? Mostly clock, load and file descriptor differences?

@gudenau @fribbledom would not hurt. I purport a large percent of netizens run P2P services. Thus, they are running server that are targettable.

@nergal @gudenau @fribbledom Not much anymore unless you build the kernel on your own (for Linux and BSDs). On Windows, different kernels are used for the client and server operating systems, albeit related.

Any system with a hw watchdog (and even my laptop has one) can be configured to use it, meaning that if the OS locks up, it stops tickling the watchdog and the watchdog will trigger a reboot, be it by NMI (non-maskable interrupt) or a lower level reset.

@nergal @fribbledom @SuperFloppies It is "non maskable".

Would cause your system to reboot after a bit if it was ignored.

@gudenau @nergal @fribbledom Depends on hardware. Many systems offer options in firmware to disable protections such as parity checking and various (or all) processor external NMIs. Also, some processors even allow it in special registers.

The key is that “standard” masking will not work. The CLI/STI instructions have no effect on NMIs, for example.

@SuperFloppies @nergal @fribbledom That's annoying.

Really want RISC-V to be cheaper so systems could be made without decades of errata and backwards compatibility stuff.

@nergal @gudenau @fribbledom NMI means Non-maskable Interrupt. They are used in realtime systems as well as to signal unrecoverable faults in hardware.

See en.m.wikipedia.org/wiki/Non-ma for more details.

@fribbledom I guess I'm waiting on arch[1] to fix this. Though I hope my pfSense box is close to being patched.

[1]: security.archlinux.org/AVG-983

Sign in to participate in the conversation
Mastodon

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!