The fork bomb is a kind of denial-of-service attack (DoS attack) and it is performed against a computer system, making use of the fork operation (or equivalent functionality) through running new process based on already running process. It is considered that fork bombs don’t spread as worms or viruses. For making the system incapable of working (crash or denial of service), the fork bombs simply rely on the state that the number of programs and processes executed at the same time on a computer have limits. This type of self-replicating program is sometimes called wabbit.
A fork bomb affects the operating system by running big amount of processes very quickly in order to fill in the available space in the list of processes. Upon a saturation of the process table there can’t be new programs starting, unless already running process is terminated. Even if an already running process is terminated, there is no guarantee that useful program may be started since the fork bomb program keeps attempting to occupy any new free space.
Besides using the space in the process table, each child process of a fork bomb takes place in the processor-time and memory. This results on the system and any existing programs by slowing them down and making them almost impossible to use (hardly responding).