vnik5287

5 exploits Active since May 2013
CVE-2016-6187 NOMISEC HIGH WORKING POC
Linux kernel <4.6.5 - Privilege Escalation
The apparmor_setprocattr function in security/apparmor/lsm.c in the Linux kernel before 4.6.5 does not validate the buffer size, which allows local users to gain privileges by triggering an AppArmor setprocattr hook.
5 stars
CVSS 7.8
CVE-2014-4014 NOMISEC WORKING POC
Linux kernel <3.14.8 - Privilege Escalation
The capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inapplicable to inodes, which allows local users to bypass intended chmod restrictions by first creating a user namespace, as demonstrated by setting the setgid bit on a file with group ownership of root.
2 stars
CVE-2017-16995 NOMISEC HIGH WORKING POC
Linux BPF Sign Extension Local Privilege Escalation
The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect sign extension.
1 stars
CVSS 7.8
CVE-2013-2094 NOMISEC HIGH WORKING POC
Linux Kernel < 3.0.75 - Local Privilege Escalation via perf_event_open System Call
The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.
1 stars
CVSS 8.4
CVE-2014-4699 NOMISEC WORKING POC
Linux kernel <3.15.4 - Privilege Escalation
The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain privileges, or cause a denial of service (double fault), via a crafted application that makes ptrace and fork system calls.
1 stars