CVEs-PoC/2014/CVE-2014-4608.md

CVE-2014-4608

Description

Multiple integer overflows in the lzo1x_decompress_safe function in lib/lzo/lzo1x_decompress_safe.c in the LZO decompressor in the Linux kernel before 3.15.2 allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Literal Run. NOTE: the author of the LZO algorithms says "the Linux kernel is not affected; media hype.

POC

Reference

• http://www.ubuntu.com/usn/USN-2416-1

Github

No PoCs found on GitHub currently.