Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 27 Oct 2016 08:35:01 -0700
From: Andy Lutomirski <luto@...nel.org>
To: oss security list <oss-security@...ts.openwall.com>
Subject: CVE-2016-5195 test case

I sat on this longer than makes any sense given how easy to reproduce
CVE-2016-5195 is, but here's a reasonably portable reproducer.  It's
intended to have no side effects, but your mileage may vary.

https://github.com/amluto/vulnerabilities/blob/master/others/CVE-2016-5195/test_CVE-2016-5195.c

This will use /proc/self/mem or ptrace automatically, and it's
intended to be portable to a wide range of kernels.  It's an improved
version of the test case I originally sent out to distros (oops!).

--Andy

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ