[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Wheezy is vulnerable to CVE-2013-2094

On Tuesday, May 14, 2013, Gavin wrote:
On 14 May 2013 18:36, John Andreasson <andreassonjohn@gmail.com> wrote:
>
> Hi.
>
> Was just alerted of a kernel bug in RHEL [1], but when testing the sample code on Wheezy as an unprivileged user it successfully gives me a root prompt. Kind of suboptimal. :-(
>
> Any idea when this is fixed?
>
> [1] https://bugzilla.redhat.com/show_bug.cgi?id=962792

Hi John,

I'm unable to replicate this 'issue' on my up to date Wheezy laptop.

gavin@caelyn:~$ uname -a
Linux caelyn 3.2.0-4-amd64 #1 SMP Debian 3.2.41-2 x86_64 GNU/Linux

When I run the compiled binary of this exploit as my unprivileged user
I get the following error:-

gavin@caelyn:~$ ./getroot
2.6.37-3.x x86_64
sd@f***sheep.org 2010
getroot: getroot.c:81: main: Assertion `p = memmem(code, 1024,
&needle, 8)' failed.
Aborted

What kernel are you able to replicate this bug with ?

Hi. 

 I'm on the same kernel version/arch. Did you compile with -O2? I had to compile with that flag for it to work.
Reply to: