
#1 2016-01-20 19:41:17

AdrianCohea
Member
Registered: 2013-06-29
Posts: 16

[Solved] Not able to replicate CVE-2016-0728

I downloaded the exploit code for this CVE and updated the addresses of commit_creds() and prepare_kernel_cred() from /proc/kallsyms; however, I am still not able to escalate to root. Kernel version 4.3.3-2 (x86_64) should be vulnerable, right? My CPU is Core i7-5700HQ.

Is there something I am doing wrong? I'm just wondering if anyone else has been able to replicate this. Mostly for my curiosity...

EDIT: Never mind. I think it's because the exploit doesn't implement an SMEP bypass.

Last edited by AdrianCohea (2016-01-20 19:51:09)


gpg --keyserver hkps.pool.sks-keyservers.net --recv-key 0x77660e16dba99933

0B85 1AC2 4980 B654 0DA3  D1E1 7766 0E16 DBA9 9933


#2 2016-01-20 21:25:40

ewaller
Administrator
From: Pasadena, CA
Registered: 2009-07-13
Posts: 20,349

Re: [Solved] Not able to replicate CVE-2016-0728

Either way, the patch is in the mainline kernel on both core and testing.


Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way
