[Dnsmasq-discuss] Partial denial of service with dnsmasq on resource constrained systems

Ian ian at kz3.uk
Wed Mar 24 19:55:00 UTC 2021


 
It seems that on resource constrained routers, it's possible to execute a
non-critical denial of service attack against the router simply by opening
multiple TCP queries to dnsmasq, which then forks for each TCP connection up
to MAX_PROCS times, resulting in oom-killer being invoked after the router
runs out of memory.
 
One could imagine a malicious app or shell script constantly spawning new
TCP connections and keeping the router out of memory as a result.
 
This problem came to light on the OpenWrt forum as a user had a taxi booking
app that opened multiple TCP connections to dnsmasq.
 
A simple patch to add a long form configuration option "-max-procs=<number>"
to dnsmasq that allows MAX_PROCS to be overridden at runtime fixed the
user's problem.
 
Not sure if this is the best way of dealing with the problem, but wanted to
bring this to the list's attention.
 
Ian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 200-max-procs.patch
Type: application/octet-stream
Size: 4603 bytes
Desc: not available
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20210324/c8c60ca0/attachment-0001.obj>
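The per-connection forking described above can be watched and sized from the router itself. The following POSIX shell script is an added example, not Ian's patch or dnsmasq's own code: it counts the forked dnsmasq children against a limit and derives a conservative value for a max-procs setting from the memory available. It assumes a `ps -o pid,ppid,rss,comm` listing (a constructed sample is embedded) and a compiled-in MAX_PROCS of 20; the MemAvailable figure is constructed too.

```shell
#!/bin/sh
# Constructed sample of `ps -o pid,ppid,rss,comm` output; not captured from a real router.
SAMPLE_PS='  PID  PPID   RSS COMMAND
    1     0  1200 procd
 1234     1   980 dnsmasq
 1300  1234   990 dnsmasq
 1301  1234   992 dnsmasq
 1302  1234   988 dnsmasq
 2000     1  3400 uhttpd'

# dnsmasq forks one child per TCP query; the children are dnsmasq processes
# whose parent is the main dnsmasq PID. Count them from a ps listing.
count_tcp_children() {
  printf '%s\n' "$1" | awk -v p="$2" '$2 == p && $4 == "dnsmasq" { n++ } END { print n + 0 }'
}

# Largest child RSS (kB) under the parent, used as the per-fork memory cost estimate.
max_child_rss_kb() {
  printf '%s\n' "$1" | awk -v p="$2" '$2 == p && $4 == "dnsmasq" && $3 > m { m = $3 } END { print m + 0 }'
}

# Highest fork limit that keeps worst-case child RSS within pct% of available memory.
# Assumption: memory cost grows linearly with the number of forked children.
size_max_procs() {
  per_proc_kb="$1"; mem_avail_kb="$2"; pct="$3"
  echo $(( mem_avail_kb * pct / 100 / per_proc_kb ))
}

# OK while the child count is below the limit, AT_LIMIT once the cap is reached.
check_limit() {
  if [ "$1" -ge "$2" ]; then echo "AT_LIMIT"; else echo "OK"; fi
}

main() {
  parent=1234          # PID of the main dnsmasq process in the sample
  default_limit=20     # assumed compiled-in MAX_PROCS
  mem_avail_kb=16384   # constructed MemAvailable value for a small router
  children=$(count_tcp_children "$SAMPLE_PS" "$parent")
  per_proc=$(max_child_rss_kb "$SAMPLE_PS" "$parent")
  echo "tcp children: $children/$default_limit ($(check_limit "$children" "$default_limit"))"
  echo "suggested max-procs for 50% of ${mem_avail_kb}kB: $(size_max_procs "$per_proc" "$mem_avail_kb" 50)"
}
# On a live router, feed main the real `ps` listing and MemAvailable from /proc/meminfo.
main
```

With the sample listing the script reports 3 of 20 children in use and suggests a cap of 8 for a router with 16 MB available, which is well below the compiled-in limit.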