Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 3270] freezes on start, uses 100% kernel cpu, cannot kill.

Wireshark-bugs: [Wireshark-bugs] [Bug 3270] freezes on start, uses 100% kernel cpu, cannot kill.

Date: Tue, 8 Dec 2009 04:07:01 -0800 (PST)

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3270

--- Comment #29 from Russell C. Sibley <lab@xxxxxxxxxxxxx> 2009-12-08 04:07:00 PST ---
I just noticed the statement "SystemObjectInformation requires that the
FLG_MAINTAIN_OBJECT_TYPELIST be set in NtGlobalFlags" in the comments above the
pNtQuerySystemInformation call (rndw32.c!663).  I guess "requires" is literal
;)

Also...
-------
"[...] the only user-mode interface to query the kernel-mode is
NtQuerySystemInformation API in Ntdll.dll"
http://www.eggheadcafe.com/software/aspnet/29716948/find-all-open-handles-mu.aspx
jeta posted on Monday, April 16, 2007 10:34 PM
-------

I guess that's why the userland process can't be killed...
...sounds like a potential DoS to me.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

Prev by Date: [Wireshark-bugs] [Bug 3270] freezes on start, uses 100% kernel cpu, cannot kill.
Next by Date: [Wireshark-bugs] [Bug 3270] freezes on start, uses 100% kernel cpu, cannot kill.
Previous by thread: [Wireshark-bugs] [Bug 3270] freezes on start, uses 100% kernel cpu, cannot kill.
Next by thread: [Wireshark-bugs] [Bug 3270] freezes on start, uses 100% kernel cpu, cannot kill.
Index(es):
- Date
- Thread