130 matches found
Updated kernel-rt packages fix security vulnerability
This kernel update provides an update to 3.12.9 and fixes the following critical security issue: Pageexec reported a bug in the Linux kernel's recvmmsg syscall when called from code using the x32 ABI. An unprivileged local user could exploit this flaw to cause a denial of service system crash or...
Updated kernel-linus package fixes security vulnerability
This kernel update provides an update to 3.12.9 and fixes the following critical security issue: Pageexec reported a bug in the Linux kernel's recvmmsg syscall when called from code using the x32 ABI. An unprivileged local user could exploit this flaw to cause a denial of service system crash or...
Updated kernel package fixes a critical security issue
This kernel update provides an update to 3.12.9 and fixes the following critical security issue: Pageexec reported a bug in the Linux kernel's recvmmsg syscall when called from code using the x32 ABI. An unprivileged local user could exploit this flaw to cause a denial of service system crash or...
MGASA-2014-0039 Updated kernel package fixes a critical security issue
This kernel update provides an update to 3.12.9 and fixes the following critical security issue: Pageexec reported a bug in the Linux kernel's recvmmsg syscall when called from code using the x32 ABI. An unprivileged local user could exploit this flaw to cause a denial of service system crash or...
DEBIAN-CVE-2014-0038
The compatsysrecvmmsg function in net/compat.c in the Linux kernel before 3.13.2, when CONFIGX86X32 is enabled, allows local users to gain privileges via a recvmmsg system call with a crafted timeout pointer parameter...
CVE-2014-0038
The compatsysrecvmmsg function in net/compat.c in the Linux kernel before 3.13.2, when CONFIGX86X32 is enabled, allows local users to gain privileges via a recvmmsg system call with a crafted timeout pointer parameter...
CVE-2014-0038
The compatsysrecvmmsg function in net/compat.c in the Linux kernel before 3.13.2, when CONFIGX86X32 is enabled, allows local users to gain privileges via a recvmmsg system call with a crafted timeout pointer parameter...
Immunity Canvas: RECVMMSG
Name| recvmmsg ---|--- CVE| CVE-2014-0038 Exploit Pack| CANVAS Description| recvmmsg local root Notes| Repeatability: Infinite Notes: Tested on: - Ubuntu 13.10 x8664 3.11.0-12-generic VENDOR: GNU/Linux CVE Url: https://vulners.com/cve/CVE-2014-0038 CVE Name: CVE-2014-0038...
CVE-2014-0038
The CVE-2014-0038 issue affects the Linux kernel before 3.13.2 when CONFIG_X86_X32 is enabled: the compat_sys_recvmmsg function in net/compat.c can be exploited via recvmmsg with a crafted timeout pointer to gain local privileges. Public references document a local privilege escalation (exploitab...
CVE-2014-0038
The compatsysrecvmmsg function in net/compat.c in the Linux kernel before 3.13.2, when CONFIGX86X32 is enabled, allows local users to gain privileges via a recvmmsg system call with a crafted timeout pointer parameter...
CVE-2014-0038
The compatsysrecvmmsg function in net/compat.c in the Linux kernel before 3.13.2, when CONFIGX86X32 is enabled, allows local users to gain privileges via a recvmmsg system call with a crafted timeout pointer parameter...
Exploit Linux 3.4+ Local Root (CONFIG_X86_X32=y)
OSVDB-ID: 2014-0038 Author: rebel Published: 2014-02-02 / ============================== recvmmsg.c - linux 3.4+ local root CONFIGX86X32=y CVE-2014-0038 / x32 ABI with recvmmsg by rebel @ irc.smashthestack.org ----------------------------------- takes about 13 minutes to run because timeout-tvsec...
Exploit Linux 3.4+ Arbitrary write with CONFIG_X86_X32
CVE: 2014-0038 Author: saelo Published: 2014-02-02 / Local root exploit for CVE-2014-0038. https://raw.github.com/saelo/cve-2014-0038/master/timeoutpwn.c Bug: The X86X32 recvmmsg syscall does not properly sanitize the timeout pointer passed from userspace. Exploit primitive: Pass a pointer to a...
Linux Kernel 3.4 3.13.2 (Ubuntu 13.10) - CONFIG_X86_X32 Arbitrary Write (2)
Linux Kernel 3.4 3.13.2 Ubuntu 13.10 - CONFIGX86X32 Arbitrary Write 2 / Local root exploit for CVE-2014-0038. https://raw.github.com/saelo/cve-2014-0038/master/timeoutpwn.c Bug: The X86X32 recvmmsg syscall does not properly sanitize the timeout pointer passed from userspace. Exploit primitive: Pa...
Linux Kernel 3.4 3.13.2 (Ubuntu 13.0413.10 x64) - CONFIG_X86_X32y Local Privilege Escalation (3)
Linux Kernel 3.4 3.13.2 Ubuntu 13.0413.10 x64 - CONFIGX86X32y Local Privilege Escalation 3 / ============================== recvmmsg.c - linux 3.4+ local root CONFIGX86X32=y CVE-2014-0038 / x32 ABI with recvmmsg by rebel @ irc.smashthestack.org ----------------------------------- takes about 13...
Linux kernel 3.4+ Arbitrary write with CONFIG_X86_X32
Exploit for linux platform in category local exploits / Local root exploit for CVE-2014-0038. https://raw.github.com/saelo/cve-2014-0038/master/timeoutpwn.c Bug: The X86X32 recvmmsg syscall does not properly sanitize the timeout pointer passed from userspace. Exploit primitive: Pass a pointer to ...
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.10) - 'CONFIG_X86_X32' Arbitrary Write (2)
/ Local root exploit for CVE-2014-0038. https://raw.github.com/saelo/cve-2014-0038/master/timeoutpwn.c Bug: The X86X32 recvmmsg syscall does not properly sanitize the timeout pointer passed from userspace. Exploit primitive: Pass a pointer to a kernel address as timeout for recvmmsg, if the...
Linux kernel 3.4+ local root (CONFIG_X86_X32=y)
Exploit for linux platform in category local exploits / ============================== recvmmsg.c - linux 3.4+ local root CONFIGX86X32=y CVE-2014-0038 / x32 ABI with recvmmsg by rebel @ irc.smashthestack.org ----------------------------------- takes about 13 minutes to run because timeout-tvsec i...
USN-2096-1: Linux kernel vulnerability
Pageexec reported a bug in the Linux kernel's recvmmsg syscall when called from code using the x32 ABI. An unprivileged local user could exploit this flaw to cause a denial of service system crash or gain administrator privileges...
Linux Kernel 3.4 3.13.2 - recvmmsg x32 compat (PoC)
Linux Kernel 3.4 3.13.2 - recvmmsg x32 compat PoC / PoC trigger for the linux 3.4+ recvmmsg x32 compat bug, based on the manpage https://code.google.com/p/chromium/issues/detail?id=338594 $ while true; do echo $RANDOM /dev/udp/127.0.0.1/1234; sleep 0.25; done / define GNUSOURCE include include...