CVE-2016-8655 PoC — Linux kernel 资源管理错误漏洞

Source

Associated Vulnerability

Title:Linux kernel 资源管理错误漏洞 (CVE-2016-8655)
Description:Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel 4.8.12版本及之前版本存在资源管理错误漏洞。攻击者利用该漏洞获取特权，或造成拒绝服务（释放后重用）。

Description

Chocobo Root (CVE-2016-8655) Analysis

Readme

# chocobo
Chocobo Root (CVE-2016-8655) Analysis

# Notes

This is the newest Linux privesc, released 2016-12-06 [here http://seclists.org/oss-sec/2016/q4/607].

References found at this point:
http://www.theregister.co.uk/2016/12/07/android_dirty_cow_kernel_patch/
https://www.exploit-db.com/exploits/40871/


Goal: Create a CPI white-paper/blog with:
* deeper analysis of the exploit. Currently 
* instructions for setting up an Ubuntu VM to debug the kernel, using symbols
  and QEMU
* script/procedure for adding offsets for other kernel versions
*

File Snapshot


 [4.0K]  /data/pocs/d563ed9834ff6ff121c36db9acfcbab5495018c1
└── [ 553]  README.md

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!