This bug either wasn't fixed or there has been a recent regression.
Ubuntu lucid
openssh-server 1:5.3p1-3ubuntu1
/etc/default/ssh: SSHD_OOM_ADJUST=-17
As well as causing kernel panics, a malicious user can use this technique to kill off trusted root daemons and (if they use a port >= 1024) launch spoofing processes.
Not only is this a DoS risk, it can also lead to takedown of critical system components required for the SSH session to work (NetworkManager etc.).
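A check an administrator could run on an affected host, as an added example that is not part of the original comment: it lists processes with a non-root real UID that the OOM killer will never select. It assumes the exposure is that processes started from the SSH session carry over sshd's `oom_adj` of -17 (`oom_score_adj` of -1000 is the equivalent on newer kernels); the function name and its proc-root argument are hypothetical.

```shell
#!/bin/sh
# Added example: report OOM-killer-exempt processes not owned by root.
# oom_adj = -17 is the value SSHD_OOM_ADJUST sets for sshd; a process
# forked from sshd keeps it unless something resets it.

oom_exempt_nonroot() {
    # Hypothetical parameter: proc root, so a saved copy can be audited too.
    proc_root="${1:-/proc}"
    for dir in "$proc_root"/[0-9]*; do
        # Skip entries that vanished or are unreadable (process exited).
        [ -r "$dir/status" ] || continue
        exempt=""
        if [ -r "$dir/oom_adj" ] &&
           [ "$(cat "$dir/oom_adj" 2>/dev/null)" = "-17" ]; then
            exempt="oom_adj=-17"
        elif [ -r "$dir/oom_score_adj" ] &&
             [ "$(cat "$dir/oom_score_adj" 2>/dev/null)" = "-1000" ]; then
            exempt="oom_score_adj=-1000"
        fi
        [ -n "$exempt" ] || continue
        # Field 2 of the "Uid:" line is the real UID of the process.
        uid=$(awk '/^Uid:/ {print $2; exit}' "$dir/status" 2>/dev/null) || continue
        name=$(awk '/^Name:/ {print $2; exit}' "$dir/status" 2>/dev/null) || continue
        [ -n "$uid" ] && [ "$uid" != "0" ] || continue
        echo "${dir##*/} uid=$uid $name $exempt"
    done
    return 0
}
```

Calling `oom_exempt_nonroot` with no argument scans the live `/proc`; any interactive shell or user program in the output is protected from the OOM killer while root daemons are not.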