CVE-2015-1805 PoC — Linux kernel‘fs/pipe.c’本地内存损坏漏洞

Source

Associated Vulnerability

Title:Linux kernel‘fs/pipe.c’本地内存损坏漏洞 (CVE-2015-1805)
Description:Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。NFSv4 implementation是其中的一个分布式文件系统协议。 Linux kernel 3.16之前版本的fs/pipe.c文件中的pipe_read和pipe_write实现过程中存在安全漏洞，该漏洞源于程序没有正确考虑failed __copy_to_user_inatomic和__copy_from_user_inatomic调用的副效应。本地攻击者可借助特制的应用程序利用该漏洞造成拒绝服务（系统崩溃

Description

CVE-2015-1805 root tool

Readme

# iovyroot
A root tool based on the [CVE-2015-1805 vulnerability](https://access.redhat.com/security/cve/cve-2015-1805)

It supports 32 and 64bit but requires absolute kernel addresses (see [offsets.c](jni/offsets.c))



poc was done by idler1984 https://github.com/idl3r/testcode

File Snapshot


 [4.0K]  /data/pocs/2410b2183f41da0465991c7c728ebc2b564cb512
├── [4.0K]  jni
│   ├── [ 302]  Android.mk
│   ├── [  60]  Application.mk
│   ├── [2.3K]  flex_array.c
│   ├── [4.8K]  getroot.c
│   ├── [4.0K]  include
│   │   ├── [1.6K]  flex_array.h
│   │   ├── [ 551]  getroot.h
│   │   ├── [ 761]  offsets.h
│   │   ├── [ 295]  policydb.h
│   │   ├── [  77]  sid.h
│   │   ├── [1.1K]  sidtab.h
│   │   └── [3.1K]  threadinfo.h
│   ├── [8.1K]  main.c
│   ├── [ 33K]  offsets.c
│   └── [2.5K]  sid.c
└── [ 280]  README.md

2 directories, 15 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!