[UCI-Linux] Linux kernel 0-day
Mike Iglesias
iglesias at uci.edu
Tue May 14 14:52:20 PDT 2013
Some releases of Linux, notably CentOS and RedHat Linux 6, are
vulnerable to a local exploit that gains the user root access. It
appears so far that this only applies to 64bit systems, although the
exploit could possibly be modified to exploit 32bit systems as well.
More info here:
https://bugzilla.redhat.com/show_bug.cgi?id=962792
https://news.ycombinator.com/item?id=5703758
Copy of the exploit code:
http://packetstormsecurity.com/files/121616/semtex.c
Compile with -O2 and run it. On Fedora 17, I either got an assert
failure or a kernel oops. Supposedly works on Debian 7 and Ubuntu 12.04
as well.
Watch for a kernel update soon...
Mike
More information about the UCI-Linux
mailing list