Date: Mon, 3 Feb 2014 10:10:46 +0400 From: Solar Designer <solar@...nwall.com> To: oss-security@...ts.openwall.com Subject: Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) On Sun, Feb 02, 2014 at 08:14:44AM +0400, Solar Designer wrote: > Just off Twitter: > > <noptrix> recvmmsg.c - linux 3.4+ local root (CONFIG_X86_X32=y) expl0it - http://pastebin.com/DH3Lbg54 > > SHA-256(recvmmsg.c.txt) = 4603acf96e845cecd2c5877a68fa5b5c591ba00c52859ded2a31a9daf48a457d > > for the version I just downloaded (but did not review, although it looks > sane at first glance). The exploit includes offsets for 3 Ubuntu kernels. Another exploit: https://github.com/saelo/cve-2014-0038 Alexander
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ