53 matches found
CVE-2017-17806
The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to caus...
CVE-2017-16526
drivers/uwb/uwbd.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device...
CVE-2017-6074
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINF...
Linux Kernel 2.6.22 < 3.9 - Dirty COW PTRACE_POKEDATA Race Condition PoC (Write Access) Exploit
Exploit for linux platform in category local exploits // $ echo pikachu|sudo tee pokeball;ls -l pokeball;gcc -pthread pokemon.c -o d;./d pokeball miltank;cat pokeball include //// pikachu include //// -rw-r--r-- 1 root root 8 Apr 4 12:34 pokeball include //// pokeball include //// include //// o ...
CVE-2016-7912
Use-after-free vulnerability in the ffs_user_copy_worker function in drivers/usb/gadget/function/f_fs.c in the Linux kernel before 4.5.3 allows local users to gain privileges by accessing an I/O data structure after a certain callback call...
CVE-2016-4997
The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that...
CVE-2016-2069
Race condition in arch/x86/mm/tlb.c in the Linux kernel before 4.4.1 allows local users to gain privileges by triggering access to a paging structure by a different CPU...
CVE-2014-9683
Off-by-one error in the ecryptfs_decode_from_filename function in fs/ecryptfs/crypto.c in the eCryptfs subsystem in the Linux kernel before 3.18.2 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted filename...
Linux Kernel <= 2.4.22 (do_brk) Local Root Exploit (working)
No description provided by source. / hatorihanzo.c Linux kernel do_brk vma overflow exploit. The bug was found by Paul IhaQueR Starzetz [email protected] Further research and exploit development by Wojciech Purczynski [email protected] and Paul Starzetz. (c) 2003 Copyright by IhaQueR and cliph. All Rights...
Linux Kernel <= 2.6.20 with DCCP Support Memory Disclosure Exploit (2)
No description provided by source. include netinet/in.h include stdio.h include sys/types.h include sys/socket.h include net/if.h include sys/mman.h include linux/net.h define BUFSIZE 0x10000000 int mainint argc, char argv void mem = mmap0, BUFSIZE, PROTREAD | PROTWRITE, MAPANONYMOUS | MAPPRIVATE...
Linux Kernel 2.6 < 2.6.19 - (32bit) ip_append_data() ring0 Root Exploit
No description provided by source. / 0x82-CVE-2009-2698 Linux kernel 2.6 < 2.6.19 (32bit) ip_append_data() local ring0 root exploit. Tested: White Box 4(2.6.9-5.ELsmp), CentOS 4.4(2.6.9-42.ELsmp), CentOS 4.5(2.6.9-55.ELsmp), Fedora Core 4(2.6.11-1.1369_FC4smp), Fedora Core 5(2.6.15-1.2054_FC5), Fedora Core...
Linux <= 2.6.37-rc1 serial_core TIOCGICOUNT Leak Exploit
No description provided by source. / Linux <= 2.6.37-rc1 serial_core TIOCGICOUNT leak. Information leak exploit for CVE-2010-4077 which leaks kernel stack space back to userland due to uninitialized struct member "reserved" in struct serial_icounter_struc...
Linux Kernel < 2.6.36.2 - Econet Privilege Escalation Exploit
No description provided by source. / half-nelson.c Linux Kernel < 2.6.36.2 Econet Privilege Escalation Exploit. Jon Oberheide [email protected] http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3848 Stack-based buffer overflow in the econet_sendmsg function ...
CVE-2014-1737
The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device...
CVE-2013-1827
net/dccp/ccid.h in the Linux kernel before 3.5.4 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by leveraging the CAP_NET_ADMIN capability for a certain (1) sender or (2) receiver getsockopt call...
Linux Kernel 3.3.x < 3.7.x (Arch Linux x86-64) - 'sock_diag_handlers[]' Local Privilege Escalation (1)
// archer.c // // 2012 [email protected] // // Works reliably against x86-64 3.3-3.7 arch. // // Tested against: // // Linux XXX 3.3.1-1-ARCH #1 SMP PREEMPT Tue Apr 3 06:46:17 UTC 2012 x86_64 GNU/Linux // Linux XXX 3.4.7-1-ARCH #1 SMP PREEMPT Sun Jul 29 22:02:56 CEST 2012 x86_64 GNU/Linux // Linux XXX...
Linux Kernel 2.6.37-rc1 - 'serial_multiport_struct' Local Information Leak
/ Linux include include include include include define DEVICE "/dev/ttyS1" int mainint argc, char argv int ret = 0; int i, fd, reservedsize; char buf; struct serialmultiportstruct buffer; printf"\m/ Linux \n", argv0; exit-1; if argc 2 if reservedsize = atoiargv2 == 0 fprintfstderr, " - Sorry: ato...
Linux <= 2.6.37-rc1 serial_multiport_struct Local Info Leak Exploit
Exploit for linux platform in category local exploits / Linux include include include include include define DEVICE "/dev/ttyS1" int mainint argc, char argv int ret = 0; int i, fd, reservedsize; char buf; struct serialmultiportstruct buffer; printf"\m/ Linux \n", argv0; exit-1; if argc 2 if...
Linux kernel-2.6.18-6 x86 Local Root Exploit
No description provided by source. include include include include include include include include define NUMCPUS 8 define ATM "/proc/net/atm/avc" int mainvoid char err, adurit2000; int i, ret, sock, proc; struct atmqos dj; struct sockaddratmsvc addr; sock = socketPFATMSVC, SOCKDGRAM, 0; memset&d...
Linux Kernel 2.6.9-34 Local root Exploit
Exploit for linux platform in category local exploits. Linux Kernel 2.6.9-34 Local root Exploit ...