Davidlohr Bueso

3 exploits Active since Nov 2013
CVE-2017-5669 WRITEUP HIGH WRITEUP
Linux kernel <4.9.12 - Local Privilege Escalation
The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context.
CVSS 7.8
CVE-2013-4483 WRITEUP WRITEUP
Linux Kernel < 3.10 - Denial of Service via IPC Reference Count Mismanagement
The ipc_rcu_putref function in ipc/util.c in the Linux kernel before 3.10 does not properly manage a reference count, which allows local users to cause a denial of service (memory consumption or system crash) via a crafted application.
CVE-2017-5669 WRITEUP HIGH WRITEUP
Linux kernel <4.9.12 - Local Privilege Escalation
The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context.
CVSS 7.8