Lucene search
K

7 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.46 views

Linux 3.4+ - Arbitrary write with CONFIG_X86_X32

No description provided by source. / Local root exploit for CVE-2014-0038. https://raw.github.com/saelo/cve-2014-0038/master/timeoutpwn.c Bug: The X86X32 recvmmsg syscall does not properly sanitize the timeout pointer passed from userspace. Exploit primitive: Pass a pointer to a kernel address as...

6.9CVSS6.5AI score0.34649EPSS
Exploits16
Tenable Nessus
Tenable Nessus
added 2014/02/18 12:0 a.m.54 views

Mandriva Linux Security Advisory : kernel (MDVSA-2014:038)

Multiple vulnerabilities has been found and corrected in the Linux kernel : The compatsysrecvmmsg function in net/compat.c in the Linux kernel before 3.13.2, when CONFIGX86X32 is enabled, allows local users to gain privileges via a recvmmsg system call with a crafted timeout pointer parameter...

6.9CVSS7AI score0.34649EPSS
Exploits17References3
Kitploit
Kitploit
added 2014/02/04 7:10 p.m.175 views

Exploit Linux 3.4+ Local Root (CONFIG_X86_X32=y)

OSVDB-ID: 2014-0038 Author: rebel Published: 2014-02-02 / ============================== recvmmsg.c - linux 3.4+ local root CONFIGX86X32=y CVE-2014-0038 / x32 ABI with recvmmsg by rebel @ irc.smashthestack.org ----------------------------------- takes about 13 minutes to run because timeout-tvsec...

6.9CVSS6.1AI score0.34649EPSS
Exploits16
0day.today
0day.today
added 2014/02/02 12:0 a.m.77 views

Linux kernel 3.4+ Arbitrary write with CONFIG_X86_X32

Exploit for linux platform in category local exploits / Local root exploit for CVE-2014-0038. https://raw.github.com/saelo/cve-2014-0038/master/timeoutpwn.c Bug: The X86X32 recvmmsg syscall does not properly sanitize the timeout pointer passed from userspace. Exploit primitive: Pass a pointer to ...

6.9CVSS0.2AI score0.34649EPSS
Exploits16
exploitpack
exploitpack
added 2014/02/02 12:0 a.m.105 views

Linux Kernel 3.4 3.13.2 (Ubuntu 13.0413.10 x64) - CONFIG_X86_X32y Local Privilege Escalation (3)

Linux Kernel 3.4 3.13.2 Ubuntu 13.0413.10 x64 - CONFIGX86X32y Local Privilege Escalation 3 / ============================== recvmmsg.c - linux 3.4+ local root CONFIGX86X32=y CVE-2014-0038 / x32 ABI with recvmmsg by rebel @ irc.smashthestack.org ----------------------------------- takes about 13...

6.9CVSS0.8AI score0.34649EPSS
Exploits16
Exploit DB
Exploit DB
added 2014/02/02 12:0 a.m.137 views

Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.10) - 'CONFIG_X86_X32' Arbitrary Write (2)

/ Local root exploit for CVE-2014-0038. https://raw.github.com/saelo/cve-2014-0038/master/timeoutpwn.c Bug: The X86X32 recvmmsg syscall does not properly sanitize the timeout pointer passed from userspace. Exploit primitive: Pass a pointer to a kernel address as timeout for recvmmsg, if the...

6.9CVSS6.8AI score0.34649EPSS
Exploits16
Hacker One
Hacker One
added 2014/01/28 11:52 p.m.50 views

Sandbox Escape: Linux 3.4+: arbitrary write with CONFIG_X86_X32

asmlinkage long compatsysrecvmmsgint fd, struct compatmmsghdr user mmsg, unsigned int vlen, unsigned int flags, struct compattimespec user timeout int datagrams; struct timespec ktspec; if flags & MSGCMSGCOMPAT return -EINVAL; if COMPATUSE64BITTIME return sysrecvmmsgfd, struct mmsghdr user mmsg,...

6.9CVSS0.2AI score0.34649EPSS
Exploits16
Rows per page
Query Builder