CVE-2013-3301
Linux Kernel < 3.8.8 - Denial of Service via Ftrace lseek NULL Pointer Dereference
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2013-3301. PoCs published by anonymous.
AI-analyzed exploit summary This exploit leverages a Linux kernel vulnerability (CVE-2013-3301) to trigger a denial-of-service by manipulating the ftrace_pid file in the debug tracing directory. The exploit requires sudo privileges to write to the file, causing a kernel crash.
Description
The ftrace implementation in the Linux kernel before 3.8.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for write access to the (1) set_ftrace_pid or (2) set_graph_function file, and then making an lseek system call.
Exploits (1)
This exploit leverages a Linux kernel vulnerability (CVE-2013-3301) to trigger a denial-of-service by manipulating the ftrace_pid file in the debug tracing directory. The exploit requires sudo privileges to write to the file, causing a kernel crash.