oss-sec mailing list archives

Re: fwd: [vs-plain] Kernel heap overflow in bpf leading to LPE (exploit provided)

From: Wei Wu <ww9210 () gmail com>
Date: Sun, 2 Dec 2018 15:50:22 +0800

hi,

there is none because it did not affect any release version.

wei

On Sun, Dec 2, 2018 at 15:01 Dhiraj Mishra <mishra.dhiraj95 () gmail com>
wrote:

Hey,

Just wanted to know is there any CVE assigned to this issue?



Thanks

On Sat, Nov 24, 2018 at 2:39 PM Yves-Alexis Perez <corsac () debian org>
wrote:

On Fri, 2018-11-23 at 21:45 +0100, Yves-Alexis Perez wrote:

On Fri, 2018-11-23 at 19:09 +0100, Greg KH wrote:

As was discussed further on one of the threads on this topic, it looks
like this is a 4.20-rc issue only, and that 4.19 does not have this
issue.  So it might not be relevant to any distro at all, but I

suggest

that people test themselves to be sure.


Hi Greg, thanks for the precision.


And considering no released kernel is vulnerable, here is the proof of
concept
code provided initially.

Regards,
--
Yves-Alexis



--
Regards

*Dhiraj Mishra.*GPG ID :  51720F56   |  Finger Print : 1F6A FC7B 05AA
CF29 8C1C  ED65 3233 4D18 5172 0F56

Current thread:

fwd: [vs-plain] Kernel heap overflow in bpf leading to LPE (exploit provided) Yves-Alexis Perez (Nov 23)
- Re: fwd: [vs-plain] Kernel heap overflow in bpf leading to LPE (exploit provided) Greg KH (Nov 23)
  - Re: fwd: [vs-plain] Kernel heap overflow in bpf leading to LPE (exploit provided) Yves-Alexis Perez (Nov 23)
    - Re: fwd: [vs-plain] Kernel heap overflow in bpf leading to LPE (exploit provided) Yves-Alexis Perez (Nov 24)
    - Re: fwd: [vs-plain] Kernel heap overflow in bpf leading to LPE (exploit provided) Dhiraj Mishra (Dec 02)
    - Re: fwd: [vs-plain] Kernel heap overflow in bpf leading to LPE (exploit provided) Wei Wu (Dec 02)
  - Re: fwd: [vs-plain] Kernel heap overflow in bpf leading to LPE (exploit provided) Daniel Borkmann (Nov 23)