GitHub - ww9210/kernel4.20_bpf_LPE: exploit code for a bpf heap overflow vulnerability

ww9210 / kernel4.20_bpf_LPE Public

Notifications You must be signed in to change notification settings
Fork 10
Star 27

exploit code for a bpf heap overflow vulnerability

27 stars 10 forks Branches Tags Activity

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 3 Commits
bzImage		bzImage
config		config
exp.c		exp.c
readme.txt		readme.txt
start.sh		start.sh

Repository files navigation

There is a writeup for this vulnerability at https://www.anquanke.com/post/id/166819 (in Chinese).
This is a local priviledge escalation exploit for a kernel bpf bug.
affected version: 4.20-rc1, 4.20-rc2, 4.20-rc3, 4.20-rc4

```bash
user@syzkaller:~$ ./exp
rop_payload_initialized
uid=0(root) gid=0(root) groups=0(root) context=system_u:system_r:kernel_t:s0
# uname -a
Linux syzkaller 4.20.0-rc3 #1 SMP Thu Nov 22 15:12:38 CST 2018 x86_64 GNU/Linux
#
```

references:
https://www.mail-archive.com/[email protected]/msg256073.html
https://www.mail-archive.com/[email protected]/msg256054.html