CVE-2013-6282

Related Files

Android get_user/put_user Exploit

Posted Dec 26, 2016

Authored by timwr, fi01, cubeundcube | Site metasploit.com

This Metasploit module exploits a missing check in the get_user and put_user API functions in the linux kernel before 3.5.5. The missing checks on these functions allow an unprivileged user to read and write kernel memory. This exploit first reads the kernel memory to identify the commit_creds and ptmx_fops address, then uses the write primitive to execute shellcode as uid 0. The exploit was first discovered in the wild in the vroot rooting application.

tags | exploit, kernel, root, shellcode

systems | linux

advisories | CVE-2013-6282

SHA-256 | eac5456bcf0ec583938479375c419cbd5715505092e66d61115ffa99e92b6015

Download | Favorite | View

Ubuntu Security Notice USN-2067-1

Posted Jan 3, 2014

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2067-1 - A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload (UFO). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain administrative privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, udp

systems | linux, ubuntu

advisories | CVE-2013-4299, CVE-2013-4470, CVE-2013-4511, CVE-2013-4514, CVE-2013-4515, CVE-2013-4592, CVE-2013-6282, CVE-2013-6378, CVE-2013-6383, CVE-2013-6763, CVE-2013-7027, CVE-2013-4299, CVE-2013-4470, CVE-2013-4511, CVE-2013-4514, CVE-2013-4515, CVE-2013-4592, CVE-2013-6282, CVE-2013-6378, CVE-2013-6383, CVE-2013-6763, CVE-2013-7027

SHA-256 | f026924acc26aeec8f7f134fa6517d8629dc2787dfd6d43f822b523543fcffd0

Download | Favorite | View