CVE-2001-0316

Linux kernel <2.4,2.2 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0316. PoCs published by Chris Evans.

AI-analyzed exploit summary This exploit leverages a signed integer vulnerability in the Linux kernel's sysctl() system call to read kernel memory by supplying a negative length value, potentially leading to privilege escalation. The PoC writes kernel memory contents to files for analysis.

Description

Linux kernel 2.4 and 2.2 allows local users to read kernel memory and possibly gain privileges via a negative argument to the sysctl call.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Chris Evans · clocallinux

https://www.exploit-db.com/exploits/20626

View Code ZIP pw:eip

This exploit leverages a signed integer vulnerability in the Linux kernel's sysctl() system call to read kernel memory by supplying a negative length value, potentially leading to privilege escalation. The PoC writes kernel memory contents to files for analysis.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Linux Kernel (versions prior to fix for CVE-2001-0316)

No auth needed

Prerequisites: Access to a vulnerable Linux system · Ability to execute binary code

MITRE ATT&CK