Monthly Archives: April 2018

Get Root Privileges Using CVE-2017-16995

NOTE: PLEASE DO NOT USE IT TO ATTACK OTHER COMPUTERS. CVE-2017-16995 has been fixed before. But it is broken again in many kernels of Debian and Ubuntu distributions, ranging from version 4.4 to 4.14. It causes an arbitrary memory read/write access issue was found in the Linux kernel compiled with the eBPF bpf(2) system call (CONFIG_BPF_SYSCALL). The issue could occur due to calculation errors in the eBPF verifier module, triggered by user-supplied malicious BPF program. An unprivileged user could use this flaw to escalate their privileges on a system. Setting parameter "kernel.unprivileged_bpf_disabled=1" prevents such privilege escalation by restricting access to bpf(2) call. Steps to Reproduce Create a file named upstream44.c and paste following code to it. Then, compile it and make it executable:…

Continue Reading
Contact Us
  • Room 614, Zonghe Building, Harbin Institute of Technology
  • cshzxie [at] gmail.com