CVEs-PoC/2016/CVE-2016-8650.md

### [CVE-2016-8650](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8650)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20n%2Fa%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel through 4.8.11 does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent.

### POC

#### Reference
- http://seclists.org/fulldisclosure/2016/Nov/76

#### Github
- https://github.com/RUB-SysSec/kAFL