28 matches found
Linux Kernel 5.1.x - (PTRACE_TRACEME) pkexec Local Privilege Escalation Exploit (2)
Exploit Title: Linux Kernel 5.1.x - 'PTRACETRACEME' pkexec Local Privilege Escalation 2 Exploit Author: Ujas Dhami Version: 4.19 - 5.2.1 Platform: Linux Tested on: Ubuntu 19.04 kernel 5.0.0-15-generic Parrot OS 4.5.1 kernel 4.19.0-parrot1-13t-amd64 Kali Linux kernel 4.19.0-kali5-amd64 CVE:...
Linux Kernel 5.1.x PTRACE_TRACEME pkexec Local Privilege Escalation
Exploit Title: Linux Kernel 5.1.x - 'PTRACETRACEME' pkexec Local Privilege Escalation 2 Date: 11/22/21 Exploit Author: Ujas Dhami Version: 4.19 - 5.2.1 Platform: Linux Tested on: Ubuntu 19.04 kernel 5.0.0-15-generic Parrot OS 4.5.1 kernel 4.19.0-parrot1-13t-amd64 Kali Linux kernel...
Linux Kernel 5.1.x - 'PTRACE_TRACEME' pkexec Local Privilege Escalation (2)
Exploit Title: Linux Kernel 5.1.x - 'PTRACETRACEME' pkexec Local Privilege Escalation 2 Date: 11/22/21 Exploit Author: Ujas Dhami Version: 4.19 - 5.2.1 Platform: Linux Tested on: Ubuntu 19.04 kernel 5.0.0-15-generic Parrot OS 4.5.1 kernel 4.19.0-parrot1-13t-amd64 Kali Linux kernel...
CVE-2021-43057
A use-after-free read flaw was found in selinuxptracetraceme in security/selinux/hooks.c in SELinux handler for PTRACETRACEME in the Linux kernel. In this flaw, an attempt to access the subjective credentials of another task may cause memory corruption by a user with local access and escalate...
CVE-2021-43057
An issue was discovered in the Linux kernel before 5.14.8. A use-after-free in selinuxptracetraceme aka the SELinux handler for PTRACETRACEME could be used by local attackers to cause memory corruption and escalate privileges, aka CID-a3727a8bac0a. This occurs because of an attempt to access the...
Linux SELinux PTRACE_TRACEME Handler Use-After-Free Exploit
Linux suffers from a use-after-free read in the SELinux handler for PTRACETRACEME. Linux: UAF read in SELinux handler for PTRACETRACEME There's a UAF read in the SELinux handler for PTRACETRACEME, selinuxptracetraceme. The bug was introduced in commit eb1231f73c4d7 "selinux: clarify task...
Linux SELinux PTRACE_TRACEME Handler Use-After-Free
Linux: UAF read in SELinux handler for PTRACETRACEME There's a UAF read in the SELinux handler for PTRACETRACEME, selinuxptracetraceme. The bug was introduced in commit eb1231f73c4d7 "selinux: clarify task subjective and objective credentials". Part of the issue is that while the "cred" member...
CentOS 8 : kernel (CESA-2019:2411)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:2411 advisory. - kernel: hw: Spectre SWAPGS gadget vulnerability CVE-2019-1125 - kernel: broken permission and object lifetime handling for PTRACETRACEME CVE-2019-132...
Linux PTRACE_TRACEME Local Root Exploit
Linux kernel versions starting at 4.10 and below 5.1.7 PTRACETRACEME local root exploit that uses the pkexec technique. Exploit Title: Ubuntu 16.04.6-Kernel-PTRACETRACEME-allowslocaluserstoobtainrootaccess - Local Author: nu11secur1ty Vendor: Ubuntu Linux kernel before 5.1.17 Link:...
Linux Polkit - pkexec helper PTRACE_TRACEME local root (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Linux Polkit pkexec helper PTRACETRACEME local root exploit', 'Description' = %q This module exploits an issue in ptracelink in kernel/ptrace.c...
Linux Polkit pkexec Helper PTRACE_TRACEME Local Root
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Linux Polkit pkexec helper PTRACETRACEME local root exploit', 'Description' = %q This module exploits an issue in ptracelink in kernel/ptrace.c...
Linux Polkit pkexec Helper PTRACE_TRACEME Local Root Exploit
This Metasploit module exploits an issue in ptracelink in kernel/ptrace.c before Linux kernel 5.1.17. This issue can be exploited from a Linux desktop terminal, but not over an SSH session, as it requires execution from within the context of a user with an active Polkit agent. In the Linux kernel...
CVE-2019-13272
A flaw was found in the way PTRACETRACEME functionality was handled in the Linux kernel. The kernel's implementation of ptrace can inadvertently grant elevated permissions to an attacker who can then abuse the relationship between the tracer and the process being traced. This flaw could allow a...
RHEL 7 : kernel-alt (RHSA-2019:2809)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2809 advisory. The kernel-alt packages provide the Linux kernel version 4.x. Security Fixes: Kernel: page cache side channel attacks CVE-2019-5489 Kernel:...
Linux Polkit pkexec helper PTRACE_TRACEME local root exploit
This module exploits an issue in ptracelink in kernel/ptrace.c before Linux kernel 5.1.17. This issue can be exploited from a Linux desktop terminal, but not over an SSH session, as it requires execution from within the context of a user with an active Polkit agent. In the Linux kernel before...
RHEL 8 : kernel (RHSA-2019:2411)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2411 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: broken permission and object...
Exploit for CVE-2019-13272
CVE-2019-13272 Linux local root exploit Linux 4.10 "...
Exploit for CVE-2019-13272
CVE-2019-13272 Linux local root exploit Linux 4.10 "...
Linux local to mention the right vulnerability(CVE-2019-13272)early warning-vulnerability warning-the black bar safety net
2019 07 on 20 December, the Linux officially fixes a local kernel to mention the right vulnerability. Through this vulnerability, the attacker may be an ordinary user permissions elevated to Root privileges. Vulnerability description When calling PTRACETRACEME, the ptracelink function will get th...
Linux Kernel 4.10 < 5.1.17 - PTRACE_TRACEME pkexec Local Privilege Escalation Exploit
Exploit for linux platform in category local exploits // Linux 4.10 // - added known helper paths // - added search for suitable helpers // - added automatic targeting // - changed target suid exectuable from passwd to pkexec // https://github.com/bcoles/kernel-exploits/tree/master/CVE-2019-13272...