[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] New Linux LPE via GSMIOC_SETCONF_DLCI?
From: "Dr. Christopher Kunz" <info () christopher-kunz ! de>
Date: 2024-04-17 8:47:46
Message-ID: c652582f-f18d-4c70-953d-366c5a721771 () christopher-kunz ! de
[Download RAW message or body]
Am 16.04.24 um 22:16 schrieb Solar Designer:
> I'm puzzled by the lack of follow-ups on this, but anyway @FFFVR_
> tweeted they also found (more) vulnerabilities in the n_gsm driver:
>
FWIW, YuriiCrimson's bug for 5.15 - 6.1 seems to be patched on current
Debian:
debianexploitgsm:/tmp/ExploitGSM/ExploitGSM_5_15_to_6_1$ ./ExploitGSM debian
kallsyms restricted, begin retvial kallsyms table
detected kernel path-> /boot/vmlinuz-6.1.0-20-amd64
detected compressed format -> xz
Uncompressed kernel size -> 65900116
successfully taken kernel!
begin try leak startup_xen!
startup_xen leaked address -> ffffffff8546f1c0
text leaked address -> ffffffff83400000
lockdep_map_size -> 32
spinlock_t_size -> 4
mutex_size -> 32
gsm_mux_event_offset -> 56
Error set line discipline N_GSM, Operation not permitted
--cku
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic