Blog | G5 Cyber Security

New Local Linux Kernel Root Exploit Published

An interesting exploit for the Linux kernel that enables an attacker to escalate his privileges on a local machine has popped up on the Full Disclosure mailing list. The exploit chains together three separate bugs to get root on a vulnerable machine. Two of the bugs that Rosenberg uses in the exploit have been patched by two of the major Linux distributions. The most interesting of the three vulnerabilities, however, is a recent one that is still unpatched in the kernel. It would be trivial to write a slightly more sophisticated version of this that doesn’t have the roadblocks I put in to prevent abuse by script kiddies.

Source: https://threatpost.com/new-local-linux-kernel-root-exploit-published-120810/74750/

Exit mobile version