CVEs-PoC/2018/CVE-2018-7757.md

### [CVE-2018-7757](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7757)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file.

### POC

#### Reference
- https://usn.ubuntu.com/3698-1/
- https://usn.ubuntu.com/3698-2/

#### Github
No PoCs found on GitHub currently.