CVE-2017-7472
CVE-2017-7472
The KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls.
Affected products
n/a · Linux kernel before 4.10.13public PoCs found — 3
githubgithub.com/homjxi0e/CVE-2017-7472★ 0cve_referencewww.exploit-db.com/exploits/42136/unverifiedexploitdbwww.exploit-db.com/exploits/42136unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c9f838d104fed6f2f61d68164712e3204bf5271bhttp://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.htmlhttp://openwall.com/lists/oss-security/2017/05/11/1https://access.redhat.com/errata/RHSA-2018:0151https://access.redhat.com/errata/RHSA-2018:0152https://access.redhat.com/errata/RHSA-2018:0181https://bugzilla.novell.com/show_bug.cgi?id=1034862https://bugzilla.redhat.com/show_bug.cgi?id=1442086https://github.com/torvalds/linux/commit/c9f838d104fed6f2f61d68164712e3204bf5271bhttps://lkml.org/lkml/2017/4/1/235https://lkml.org/lkml/2017/4/3/724https://www.exploit-db.com/exploits/42136/