Linux Kernel 2.x sock_sendpage() Local Ring0 Root Exploit

2009-08-14 17:36:44

/* dedicated to my best friend in the whole world, Robin Price
the joke is in your hands

just too easy -- some nice library functions for reuse here though

credits to julien tinnes/tavis ormandy for the bug

may want to remove the __attribute__((regparm(3))) for 2.4 kernels,
I have no time to test

spender@www:~$ cat redhat_hehe
I bet Red Hat will wish they closed the SELinux vulnerability when they
were given the opportunity to. Now all RHEL boxes will get owned by
leeches.c :p

fd7810e34e9856f77cba67f291ba115f33411ebd
d4b0e413ebf15d039953dfabf7f9a2d1

thanks to Dan Walsh for the great SELinux bypass even on "fixed" SELinux
policies

use ./wunderbar_emporium.sh for everything

*/

http://www.grsecurity.net/~spender/wunderbar_emporium.tgz
back: http://milw0rm.com/sploits/2009-wunderbar_emporium.tgz

#

Fixes

No fixes

In order to submit a new fix you need to be registered.