Andrew Lutomirski

3 exploits Active since May 2013
CVE-2018-1000199 NOMISEC MEDIUM WORKING POC
Linux Kernel <3.18 - Memory Corruption
The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f.
CVSS 5.5
CVE-2015-3290 EXPLOITDB c WORKING POC
Linux kernel <4.1.6 - Privilege Escalation
arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform improperly relies on espfix64 during nested NMI processing, which allows local users to gain privileges by triggering an NMI within a certain instruction window.
CVE-2013-1959 EXPLOITDB c WORKING POC
Linux Kernel < 3.8.9 - Privilege Escalation via uid_map and gid_map File Handling
kernel/user_namespace.c in the Linux kernel before 3.8.9 does not have appropriate capability requirements for the uid_map and gid_map files, which allows local users to gain privileges by opening a file within an unprivileged process and then modifying the file within a privileged process.