*** This bug is a security vulnerability ***
Public security bug reported:
Binary package hint: openssh-server
All child processes of openssh-server inherit the oom_adj value of -17
which makes the unkillable in low memory situation. Any user logged into
the machine via ssh can cause a kernel-panic by creating a process that
simply consumes memory.
I have reported this before for Hardy (Bug #293000). Upstream Debian
fixes were shipped in Intrepid, Jaunty has the problem again.
Please fix openssh to degrade child processes to a higher oom_adj value.
** Affects: openssh (Ubuntu)
Importance: Undecided
Status: New
** Visibility changed to: Public
--
openssh-server dos regression in jaunty (oom_adj)
https://bugs.launchpad.net/bugs/390556
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in ubuntu.
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
