Linux kernel vulnerability to get local root

    The vulnerability allows a local user to elevate privileges to root.
    Vulnerable kernel versions c 2.6.31-rc3 to 3.15-rc5.

    The problem was caused by an error in the function n_tty_write (drivers / tty / n_tty.c), in which the access situation to the virtual terminal was incorrectly processed using the “LECHO &! OPOST” flags, which allowed the user to initiate damage to kernel memory areas.

    In one of four cases, using an exploit causes a kernel crash.

    The exploit works only on kernels> = v3.14-rc1, because it added:
    tty: Halve flip buffer GFP_ATOMIC memory consumption

    on which the exploit relies.

    Discussion on

    Article on ArsTechnica went-unpatched-since-2009

    Bug Report:



    Also popular now: