CVE-2001-0907

Linux Kernel 2.2.1-2.2.19 and 2.4.1-2.4.10 - Denial of Service via Deeply Nested Symlinks

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0907. PoCs published by Nergal.

AI-analyzed exploit summary This exploit creates a long chain of symbolic links to trigger a denial-of-service condition in vulnerable Linux kernels by blocking the process scheduler during dereferencing. The script automates the creation of nested symbolic links to achieve this effect.

Description

Linux kernel 2.2.1 through 2.2.19, and 2.4.1 through 2.4.10, allows local users to cause a denial of service via a series of deeply nested symlinks, which causes the kernel to spend extra time when trying to access the link.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Nergal · bashdoslinux

https://www.exploit-db.com/exploits/21122

View Code ZIP pw:eip

This exploit creates a long chain of symbolic links to trigger a denial-of-service condition in vulnerable Linux kernels by blocking the process scheduler during dereferencing. The script automates the creation of nested symbolic links to achieve this effect.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Linux kernel (versions affected by CVE-2001-0907)

Auth required

Prerequisites: local access to the target system

MITRE ATT&CK