DragonFlyBSD Kernel Audit
← dashboard
DF-0309

Unbounded pending NOCACHE upcall entries: remote memory-exhaustion DoS when mrouter active

Summary

X_ip_mforward cache miss(:1266) allocates mfc+rtdetq+m_copypacket per distinct (src,grp). MAX_UPQ=4 bounds per-flow but no global cap on stalled entries. Remote multicast flood of distinct flows -> unbounded mbuf/kmalloc pressure. Token held whole miss path. Requires active mrouter.