Author: shraptor
Date:
To: dng
Subject: Re: [DNG] Beware
On 2016-01-19 23:07, Rainer Weikusat wrote:
>
> You can find them in the System.map file for your kernel, eg,
...
Found it in my System.map:
ffffffff810a97d2 T prepare_kernel_cred
ffffffff810a94b7 T commit_creds
Thanks for the hint.
>> some kind of stacksmashing?
>
> No. The bug in the kernel function causes a reference to some object to
...
Thank you for that concise explanation; I understand it a bit better now.
Entered the addresses from my kernel and ran the program.
It took 37 min to complete
$ ./cve_2016_0728 PP_KEY
uid=1000, euid=1000
Increfing...
finished increfing
forking...
finished forking
caling revoke...
uid=1000, euid=1000
$ id -u
1000
$ id -un
alpha
I am still not root at the end? Maybe a bit overestimated this bug?
I am on kernel 4.1.6