CVE-2018-0492

HIGH

beep < 1.3.4 - Local Privilege Escalation via Race Condition

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 6 public exploits for CVE-2018-0492. PoCs published by Pirhack, qazbnm456, xbl3.

AI-analyzed exploit summary This exploit leverages a race condition in the 'beep' utility (CVE-2018-0492) to overwrite the first bytes of a target file with '/*/x', causing it to execute commands from '/tmp/x' when run. It requires precise timing and symlink manipulation to achieve local privilege escalation.

Description

Johnathan Nightingale beep through 1.3.4, if setuid, has a race condition that allows local privilege escalation.

Exploits (6)

exploitdb WORKING POC
by Pirhack · pythonlocallinux
https://www.exploit-db.com/exploits/44452

This exploit leverages a race condition in the 'beep' utility (CVE-2018-0492) to overwrite the first bytes of a target file with '/*/x', causing it to execute commands from '/tmp/x' when run. It requires precise timing and symlink manipulation to achieve local privilege escalation.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Racy
Target: beep (likely versions before 1.3.4)
No auth needed
Prerequisites: Access to a vulnerable 'beep' binary · Ability to create symlinks and execute commands · A writable file in a privileged directory (e.g., /etc/profile.d/)
devstral-2 · analyzed Feb 16, 2026 Full analysis →
github WRITEUP 3,480 stars
by qazbnm456 · poc
https://github.com/qazbnm456/awesome-cve-poc/tree/master/CVE-2018-0492.md

This repository provides a technical writeup for CVE-2018-0492, a race condition vulnerability in the Linux kernel's AF_PACKET implementation. It includes references to external PoC code and detailed explanations of the vulnerability.

Classification
Writeup 90%
Attack Type
Lpe
Complexity
Moderate
Reliability
Racy
Target: Linux kernel (AF_PACKET implementation)
No auth needed
Prerequisites: Local access to the target system
devstral-2 · analyzed Feb 27, 2026 Full analysis →
github WRITEUP 14 stars
by xbl3 · poc
https://github.com/xbl3/awesome-cve-poc_qazbnm456/tree/master/CVE-2018-0492.md

This repository provides a technical writeup for CVE-2018-0492, a vulnerability in the Beepcore audio processing library. It includes references to external PoC code and detailed explanations of the exploit mechanism.

Classification
Writeup 90%
Attack Type
Other
Complexity
Moderate
Reliability
Theoretical
Target: Beepcore audio processing library
No auth needed
Prerequisites: Access to the target system running Beepcore
devstral-2 · analyzed Feb 27, 2026 Full analysis →
gitlab WORKING POC 1 stars
by Creased · poc
https://gitlab.com/Creased/cve-2018-0492

This repository contains a functional exploit for CVE-2018-0492, leveraging a vulnerability in the 'beep' utility to achieve local privilege escalation (LPE) via a crafted backdoor and manipulation of system paths.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: beep (version 1.3 or earlier)
No auth needed
Prerequisites: Local access to the target system · Presence of the vulnerable 'beep' utility with suid bit set
devstral-2 · analyzed Feb 23, 2026 Full analysis →
gitlab WORKING POC
by hackernix · poc
https://gitlab.com/hackernix/cve-2018-0492

This repository contains a functional exploit for CVE-2018-0492, leveraging a vulnerability in the 'beep' utility to achieve local privilege escalation (LPE) by manipulating the SUID binary and exploiting its execution path.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: beep (version 1.3 or earlier)
Auth required
Prerequisites: Local access to the system · Presence of the vulnerable 'beep' binary with SUID bit set
devstral-2 · analyzed Feb 23, 2026 Full analysis →

References (6)

Core 6
Core References
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/44452/
Third Party Advisory vendor-advisory x_refsource_debian
https://www.debian.org/security/2018/dsa-4163
Third Party Advisory x_refsource_confirm
https://security-tracker.debian.org/tracker/CVE-2018-0492
Mailing List, Third Party Advisory x_refsource_confirm
https://lists.debian.org/debian-security-announce/2018/msg00089.html
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2018/04/msg00002.html
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/201805-15

Scores

CVSS v3 7.0
EPSS 0.0165
EPSS Percentile 73.4%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-362
Status published
Products (4)
beep_project/beep < 1.3.4
debian/debian_linux 7.0
debian/debian_linux 8.0
debian/debian_linux 9.0
Published Apr 03, 2018
Tracked Since Feb 18, 2026