CVE-2014-2851

Linux Kernel < 3.14.1 - Use-After-Free in ping_init_sock

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-2851. PoCs published by Thomas Pollet.

AI-analyzed exploit summary This PoC exploits a refcounter overflow in Linux's group_info structure (CVE-2014-2851) by creating a large number of sockets to trigger a memory corruption leading to a DoS. The code is straightforward and matches the vulnerability description.

Description

Integer overflow in the ping_init_sock function in net/ipv4/ping.c in the Linux kernel through 3.14.1 allows local users to cause a denial of service (use-after-free and system crash) or possibly gain privileges via a crafted application that leverages an improperly managed reference counter.

Exploits (1)

exploitdb WORKING POC

by Thomas Pollet · cdoslinux

https://www.exploit-db.com/exploits/32926

View Code ZIP pw:eip

This PoC exploits a refcounter overflow in Linux's group_info structure (CVE-2014-2851) by creating a large number of sockets to trigger a memory corruption leading to a DoS. The code is straightforward and matches the vulnerability description.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Linux Kernel (versions affected by CVE-2014-2851)

No auth needed

Prerequisites: Linux system vulnerable to CVE-2014-2851

MITRE ATT&CK