Add introductory message to socket_test.

author: Jason A. Donenfeld <Jason@zx2c4.com> 2011-03-10 00:14:52 -0500
committer: Jason A. Donenfeld <Jason@zx2c4.com> 2011-03-10 00:14:52 -0500
commit: de92ded14e56baf05eaef2eac42e34adb1d022f0 (patch)
tree: 129f8c179f1542407f22090f6f60525fa5993c5e
parent: Give credit. (diff)
download: CVE-2010-4258-de92ded14e56baf05eaef2eac42e34adb1d022f0.tar.xz
CVE-2010-4258-de92ded14e56baf05eaef2eac42e34adb1d022f0.zip
1 files changed, 12 insertions, 0 deletions
diff --git a/socket_test.c b/socket_test.c
index d4c0024..91bd27f 100644
--- a/socket_test.c
+++ b/socket_test.c
@@ -1,3 +1,15 @@
+/*
+ * TCP_MAXSEG Kernel Panic DoS for Linux < 2.6.37-rc2
+ * by zx2c4
+ *
+ * This exploit triggers CVE-2010-4165, a divide by zero
+ * error in net/ipv4/tcp.c. Because this is on the softirq
+ * path, the kernel oopses and then completely dies with
+ * no chance of recovery. It has been very reliable as a
+ * DoS, but is not useful for triggering other bugs.
+ *
+ */
+
 #include <stdio.h>
 #include <string.h>
 #include <sys/socket.h>
author	Jason A. Donenfeld <Jason@zx2c4.com>	2011-03-10 00:14:52 -0500
committer	Jason A. Donenfeld <Jason@zx2c4.com>	2011-03-10 00:14:52 -0500
commit	de92ded14e56baf05eaef2eac42e34adb1d022f0 (patch)
tree	129f8c179f1542407f22090f6f60525fa5993c5e
parent	Give credit. (diff)
download	CVE-2010-4258-de92ded14e56baf05eaef2eac42e34adb1d022f0.tar.xz CVE-2010-4258-de92ded14e56baf05eaef2eac42e34adb1d022f0.zip