CVE-2017-7472

MEDIUM

Linux kernel <4.10.13 - DoS

Title source: llm

Description

The KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls.

Exploits (2)

nomisec WORKING POC
by homjxi0e · poc
https://github.com/homjxi0e/CVE-2017-7472
exploitdb WORKING POC VERIFIED
by Marcus Meissner · cdoslinux
https://www.exploit-db.com/exploits/42136

References (15)

Scores

CVSS v3 5.5
EPSS 0.0050
EPSS Percentile 65.8%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-404
Status published
Products (2)
linux/linux_kernel < 4.10.12
n/a/Linux kernel before 4.10.13 < Linux kernel before 4.10.13
Published May 11, 2017
Tracked Since Feb 18, 2026