CVE-2002-1380

Linux kernel 2.2.x - Denial of Service via mmap PROT_READ on /proc/pid/mem

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-1380. PoCs published by Michal Zalewski.

AI-analyzed exploit summary This exploit targets a denial-of-service vulnerability in the Linux 2.2 kernel by leveraging a bug in the mmap() implementation. It uses ptrace to attach to its own process and then maps memory from /proc/pid/mem, causing the kernel to stop responding.

Description

Linux kernel 2.2.x allows local users to cause a denial of service (crash) by using the mmap() function with a PROT_READ parameter to access non-readable memory pages through the /proc/pid/mem interface.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Michal Zalewski · cdoslinux

https://www.exploit-db.com/exploits/22105

View Code ZIP pw:eip

This exploit targets a denial-of-service vulnerability in the Linux 2.2 kernel by leveraging a bug in the mmap() implementation. It uses ptrace to attach to its own process and then maps memory from /proc/pid/mem, causing the kernel to stop responding.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: Linux kernel 2.2.x

No auth needed

Prerequisites: Unprivileged user access on a Linux 2.2.x system

MITRE ATT&CK