CVE-2004-1983

pax_linux - Denial of Service via arch_get_unmapped_area Infinite Loop

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-1983. PoCs published by Shadowinteger.

AI-analyzed exploit summary This is a proof-of-concept exploit for CVE-2004-1983, a local denial-of-service vulnerability in PaX for Linux 2.6.x kernels with ASLR enabled. It triggers an infinite loop in the kernel by manipulating the mmap system call with a specifically crafted value.

Description

The arch_get_unmapped_area function in mmap.c in the PaX patches for Linux kernel 2.6, when Address Space Layout Randomization (ASLR) is enabled, allows local users to cause a denial of service (infinite loop) via unknown attack vectors.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Shadowinteger · cdoslinux

https://www.exploit-db.com/exploits/24078

View Code ZIP pw:eip

This is a proof-of-concept exploit for CVE-2004-1983, a local denial-of-service vulnerability in PaX for Linux 2.6.x kernels with ASLR enabled. It triggers an infinite loop in the kernel by manipulating the mmap system call with a specifically crafted value.

Classification

Working Poc 100%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: PaX for Linux 2.6.x kernels with CONFIG_PAX_RANDMMAP

No auth needed

Prerequisites: Local access to the system · PaX with ASLR enabled on Linux 2.6.x kernel

MITRE ATT&CK