CVE-2014-3153 PoC — Linux kernel 提权漏洞

Source

Associated Vulnerability

Title:Linux kernel 提权漏洞 (CVE-2014-3153)
Description:Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。NFSv4 implementation是其中的一个分布式文件系统协议。 Linux kernel 3.14.5及之前版本的kernel/futex.c文件中的‘futex_requeue’函数存在安全漏洞，该漏洞源于程序没有正确处理futex系统调用。本地攻击者可借助特制的FUTEX_REQUEUE命令利用该漏洞获取特权。

Description

Research of CVE-2014-3153 and its famous exploit towelroot on x86

Readme

towelroot
=========

Research of CVE-2014-3153 and its famous exploit towelroot on IA (x86)

This job has DONE, but I can't leak the code, someone in my company has challenged me :(

![image](https://github.com/geekben/towelroot/blob/master/root-ubuntu.png)

##Compile
  gcc -fno-stack-protector -m32 -O0 -pthread towelroot.c -o towelroot

File Snapshot


 [4.0K]  /data/pocs/18faf6d2cfcc312ebf3adb660796572c228a5f4e
├── [ 339]  README.md
├── [123K]  root-ubuntu.png
└── [ 20K]  towelroot.c

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!