CVE-2017-14489

MEDIUM

Linux Kernel < 4.13.2 - Denial of Service via iscsi_if_rx Length Validation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-14489. PoCs published by Wang Chenyu.

AI-analyzed exploit summary This PoC exploits a Linux kernel vulnerability (CVE-2017-14489) by sending a malformed Netlink message to trigger a NULL pointer dereference, causing a kernel crash (DoS). The exploit manipulates `skb_shinfo(SKB)->nr_frags` via a crafted `nlmsghdr` structure.

Description

The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service (panic) by leveraging incorrect length validation.

Exploits (1)

exploitdb WORKING POC

by Wang Chenyu · cdoslinux

https://www.exploit-db.com/exploits/42932

View Code ZIP pw:eip

This PoC exploits a Linux kernel vulnerability (CVE-2017-14489) by sending a malformed Netlink message to trigger a NULL pointer dereference, causing a kernel crash (DoS). The exploit manipulates `skb_shinfo(SKB)->nr_frags` via a crafted `nlmsghdr` structure.

Classification

Working Poc 100%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: Linux kernel < 4.14-rc3

No auth needed

Prerequisites: Local access to the target system · Netlink socket permissions

MITRE ATT&CK