Name | dmesg_leak |
---|---|
CVE | CVE-2018-14656 Exploit Pack |
NOTES: This module gives an unpriviledged user the ability to dump a file from the kernel | |
memory. A common scenario is to dump the /etc/shadow or kerberos tickets. | |
Note: This only works for now on Arch Linux with kernels 4.18. | |
Caveats: | |
1. Attacking vmware, vbox or bare metal is absolutely the same, performance wise. | |
2. Not all the filesystems are handled. In particular tmpfs or XFS files cannot be leaked. | |
3. With this version you can only dump files fitting within a single page (<= 4096 bytes) |
VersionsAffected:
CVE Url: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14656
Repeatability: Infinite