what you don't know can hurt you
Showing 1 - 2 of 2 RSS Feed

CVE-2013-6282

Status Candidate

Overview

The (1) get_user and (2) put_user API functions in the Linux kernel before 3.5.5 on the v6k and v7 ARM platforms do not validate certain addresses, which allows attackers to read or modify the contents of arbitrary kernel memory locations via a crafted application, as exploited in the wild against Android devices in October and November 2013.

Related Files

Android get_user/put_user Exploit
Posted Dec 26, 2016
Authored by timwr, fi01, cubeundcube | Site metasploit.com

This Metasploit module exploits a missing check in the get_user and put_user API functions in the linux kernel before 3.5.5. The missing checks on these functions allow an unprivileged user to read and write kernel memory. This exploit first reads the kernel memory to identify the commit_creds and ptmx_fops address, then uses the write primitive to execute shellcode as uid 0. The exploit was first discovered in the wild in the vroot rooting application.

tags | exploit, kernel, root, shellcode
systems | linux
advisories | CVE-2013-6282
MD5 | 6ac7470332daea5b3fb0c0b2de23f30c
Ubuntu Security Notice USN-2067-1
Posted Jan 3, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2067-1 - A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload (UFO). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain administrative privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, udp
systems | linux, ubuntu
advisories | CVE-2013-4299, CVE-2013-4470, CVE-2013-4511, CVE-2013-4514, CVE-2013-4515, CVE-2013-4592, CVE-2013-6282, CVE-2013-6378, CVE-2013-6383, CVE-2013-6763, CVE-2013-7027, CVE-2013-4299, CVE-2013-4470, CVE-2013-4511, CVE-2013-4514, CVE-2013-4515, CVE-2013-4592, CVE-2013-6282, CVE-2013-6378, CVE-2013-6383, CVE-2013-6763, CVE-2013-7027
MD5 | 015bb4dfaae8930d9fa991ee2ce266f6
Page 1 of 1
Back1Next

File Archive:

April 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    60 Files
  • 2
    Apr 2nd
    20 Files
  • 3
    Apr 3rd
    15 Files
  • 4
    Apr 4th
    5 Files
  • 5
    Apr 5th
    5 Files
  • 6
    Apr 6th
    27 Files
  • 7
    Apr 7th
    31 Files
  • 8
    Apr 8th
    18 Files
  • 9
    Apr 9th
    0 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    0 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close