关联漏洞
标题:
Linux kernel 安全漏洞
(CVE-2017-6074)
描述:Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。NFSv4 implementation是其中的一个分布式文件系统协议。 Linux kernel 4.9.11及之前的版本中的net/dccp/input.c文件中的‘dccp_rcv_state_process’函数存在安全漏洞,该漏洞源于程序没有正确处理DCCP_PKT_REQUEST数据结构。本地攻击者可借助IPV6_RECVPKTINFO setsockopt系统调用的应用程序利用该漏洞造成拒绝服务(无效的释
描述
This repository provides a modified version of the original CVE-2017-6074 exploit (use-after-free in the Linux kernel DCCP subsystem), designed only to demonstrate Denial of Service (DoS) impact. An authenticated local user can trigger a kernel panic, causing a total loss of system availability.
介绍
# CVE-2017-6074 - DoS-Only Exploit (Linux DCCP kernel panic)
This repository provides a modified version of the original CVE-2017-6074 exploit (use-after-free in the Linux kernel DCCP subsystem), designed only to demonstrate **Denial of Service (DoS)** impact.
An authenticated local user can trigger a **kernel panic**, causing a total loss of system availability.
- **No privilege escalation** is attempted or achieved.
- Exploit requires local user access (e.g., via SSH).
- For security research, PoC demonstration, and controlled testing environments only.
## References
- [CVE-2017-6074](https://nvd.nist.gov/vuln/detail/CVE-2017-6074)
- [CWE-416: Use After Free](https://cwe.mitre.org/data/definitions/416.html)
## Disclaimer
⚠️ **Run this code ONLY on authorized test systems. This program will immediately crash the kernel.**
_Use it at your personal risks, i'm not responsible for bad usages._
文件快照
[4.0K] /data/pocs/9c6e6b7cf9363cce1b7956053f67a23395b0db76
├── [9.8K] cve-2017-6074-dos-only_Version2.c
└── [ 927] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。