CVE-2014-7822

Linux Kernel < 3.15.8 - Denial of Service via Splice System Call

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-7822. PoCs published by Emeric Nasi.

AI-analyzed exploit summary This PoC exploits a vulnerability in the Linux kernel before 3.16 where splice_write operations do not enforce maximum file size restrictions, leading to a denial of service (kernel panic) via a crafted splice system call on an ext4 filesystem.

Description

The implementation of certain splice_write file operations in the Linux kernel before 3.16 does not enforce a restriction on the maximum size of a single file, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted splice system call, as demonstrated by use of a file descriptor associated with an ext4 filesystem.

Exploits (1)

exploitdb WORKING POC

by Emeric Nasi · cdoslinux

https://www.exploit-db.com/exploits/36743

View Code ZIP pw:eip

This PoC exploits a vulnerability in the Linux kernel before 3.16 where splice_write operations do not enforce maximum file size restrictions, leading to a denial of service (kernel panic) via a crafted splice system call on an ext4 filesystem.

Classification

Working Poc 100%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Linux kernel before 3.16

No auth needed

Prerequisites: Local access to the system · Ext4 filesystem

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (21)

Core 21

Core References

Issue Tracking x_refsource_confirm

https://bugzilla.redhat.com/show_bug.cgi?id=1163792

Vendor Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/USN-2544-1

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2015/dsa-3170

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/36743/

Vendor Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/USN-2542-1

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2015-0164.html

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/72347

Vendor Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/USN-2541-1

Patch x_refsource_confirm

https://github.com/torvalds/linux/commit/8d0207652cbe27d1f962050737848e5ad4671958

View Patch ZIP pw:eip

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2015-0694.html

Vendor Advisory x_refsource_confirm

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/117810

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html

Patch x_refsource_confirm

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8d0207652cbe27d1f962050737848e5ad4671958

Vendor Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/USN-2543-1

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2015-0102.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2015-0674.html

Scores

EPSS 0.0038

EPSS Percentile 60.1%

Details

CWE

CWE-264

Status published

Products (1)

linux/linux_kernel < 3.15.8

Published Mar 16, 2015

Tracked Since Feb 18, 2026