Lucene search

K
exploitpackRen KimuraEXPLOITPACK:16C6631EA58A39D16E0BC600D7FA1BAB
HistoryJul 24, 2017 - 12:00 a.m.

Linux Kernel - BadIRET Local Privilege Escalation

2017-07-2400:00:00
Ren Kimura
40

EPSS

0

Percentile

0.4%

Linux Kernel - BadIRET Local Privilege Escalation

# CVE-2014-9322 PoC for Linux kernel
CVE-2014-9322 (a.k.a BadIRET) proof of concept for Linux kernel.  
This PoC uses only syscalls not any libraries, like pthread. Threads are implemented using raw Linux syscalls.  
[Raw Linux Threads via System Calls](http://nullprogram.com/blog/2015/05/15/)  

# Usage
```
$ make
```
**badiret.elf** is an ELF executable.  
**badiret.bin** is a raw binary that can be used as payload.  

# Reference
[Exploiting β€œBadIRET” vulnerability (CVE-2014-9322, Linux kernel privilege escalation)](https://blogs.bromium.com/exploiting-badiret-vulnerability-cve-2014-9322-linux-kernel-privilege-escalation/)  

Download: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/44205.zip