CVE-2014-3631

Linux Kernel 3.13-3.14.19 - Denial of Service via Associative Array Garbage Collection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-3631. PoCs published by Emeric Nasi.

AI-analyzed exploit summary This PoC exploits a NULL pointer dereference in the Linux kernel's associative array garbage collection (CVE-2014-3631) by creating multiple keyrings and setting a timeout to trigger a kernel panic. It demonstrates a denial-of-service condition without achieving code execution.

Description

The assoc_array_gc function in the associative-array implementation in lib/assoc_array.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via multiple "keyctl newring" operations followed by a "keyctl timeout" operation.

Exploits (1)

exploitdb WORKING POC

by Emeric Nasi · cdoslinux

https://www.exploit-db.com/exploits/36268

View Code ZIP pw:eip

This PoC exploits a NULL pointer dereference in the Linux kernel's associative array garbage collection (CVE-2014-3631) by creating multiple keyrings and setting a timeout to trigger a kernel panic. It demonstrates a denial-of-service condition without achieving code execution.

Classification

Working Poc 100%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Linux kernel before 3.16.3

Auth required

Prerequisites: Local user access · keyutils library · Kernel version between 3.13.0 and 3.16.2

MITRE ATT&CK