cve/2017/CVE-2017-16995.md

CVE-2017-16995

Description

The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect sign extension.

POC

Reference

• http://openwall.com/lists/oss-security/2017/12/21/2
• https://www.exploit-db.com/exploits/44298/
• https://www.exploit-db.com/exploits/45010/
• https://www.exploit-db.com/exploits/45058/

Github

• https://github.com/0dayhunter/Linux-exploit-suggester
• https://github.com/84KaliPleXon3/linux-exploit-suggester
• https://github.com/ARPSyndicate/cvemon
• https://github.com/AabyssZG/AWD-Guide
• https://github.com/AfvanMoopen/tryhackme-
• https://github.com/Al1ex/CVE-2017-16995
• https://github.com/Al1ex/LinuxEelvation
• https://github.com/C0dak/CVE-2017-16995
• https://github.com/DanielShmu/OSCP-Cheat-Sheet
• https://github.com/De4dCr0w/Linux-kernel-EoP-exp
• https://github.com/Dk0n9/linux_exploit
• https://github.com/Getshell/LinuxTQ
• https://github.com/JMontRod/Pruebecita
• https://github.com/Jean-Francois-C/Boot2root-CTFs-Writeups
• https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits
• https://github.com/LucidOfficial/Linux-exploit-suggestor
• https://github.com/Lumindu/CVE-2017-16995-Linux-Kernel---BPF-Sign-Extension-Local-Privilege-Escalation-
• https://github.com/Metarget/metarget
• https://github.com/Micr067/linux-kernel-exploits
• https://github.com/PhoenixCreation/resources
• https://github.com/QChiLan/linux-exp
• https://github.com/R0B1NL1N/Linux-Kernal-Exploits-m-
• https://github.com/R0B1NL1N/linux-kernel-exploitation
• https://github.com/Realradioactive/archive-linux-exploit-suggester-master
• https://github.com/Ruviixx/proyecto-ps
• https://github.com/SecWiki/linux-kernel-exploits
• https://github.com/SexyBeast233/SecBooks
• https://github.com/Snoopy-Sec/Localroot-ALL-CVE
• https://github.com/Technoashofficial/kernel-exploitation-linux
• https://github.com/The-Z-Labs/linux-exploit-suggester
• https://github.com/TheJoyOfHacking/mzet-linux-exploit-suggester
• https://github.com/Trivialcorgi/Proyecto-Prueba-PPS
• https://github.com/Villaquiranm/security_information_systems
• https://github.com/Vip3rLi0n/WSO2-Management-WriteUp
• https://github.com/WireFisher/LearningFromCVE
• https://github.com/ZTK-009/RedTeamer
• https://github.com/ZTK-009/linux-kernel-exploits
• https://github.com/ZhiQiAnSecFork/cve-2017-16995
• https://github.com/albinjoshy03/linux-kernel-exploits
• https://github.com/alian87/linux-kernel-exploits
• https://github.com/anldori/CVE-2017-16995
• https://github.com/anoaghost/Localroot_Compile
• https://github.com/bryanqb07/oscp_notes
• https://github.com/bsauce/kernel-exploit-factory
• https://github.com/bsauce/kernel-security-learning
• https://github.com/catsecorg/CatSec-TryHackMe-WriteUps
• https://github.com/catuhub/dockerized-vms
• https://github.com/chorankates/Help
• https://github.com/corentingiraud/Simple-Metasploit-PE-example
• https://github.com/dangokyo/CVE_2017_16995
• https://github.com/danielnmuner/about-linux-Azure
• https://github.com/distance-vector/linux-kernel-exploits
• https://github.com/fei9747/CVE-2017-16995
• https://github.com/fei9747/LinuxEelvation
• https://github.com/fei9747/linux-exploit-suggester
• https://github.com/fengjixuchui/RedTeamer
• https://github.com/gugronnier/CVE-2017-16995
• https://github.com/hktalent/bug-bounty
• https://github.com/holmes-py/King-of-the-hill
• https://github.com/hungslab/awd-tools
• https://github.com/integeruser/on-pwning
• https://github.com/ivilpez/cve-2017-16995.c
• https://github.com/jackbarbaria/THMskynet
• https://github.com/jas502n/Ubuntu-0day
• https://github.com/kdn111/linux-kernel-exploitation
• https://github.com/khanhdn111/linux-kernel-exploitation
• https://github.com/khanhdz-06/linux-kernel-exploitation
• https://github.com/khanhdz191/linux-kernel-exploitation
• https://github.com/khanhhdz/linux-kernel-exploitation
• https://github.com/khanhhdz06/linux-kernel-exploitation
• https://github.com/khanhnd123/linux-kernel-exploitation
• https://github.com/khansiddique/VulnHub-Boot2root-CTFs-Writeups
• https://github.com/kkamagui/linux-kernel-exploits
• https://github.com/knd06/linux-kernel-exploitation
• https://github.com/kumardineshwar/linux-kernel-exploits
• https://github.com/likescam/Ubuntu-0day-2017
• https://github.com/littlebin404/CVE-2017-16995
• https://github.com/lnick2023/nicenice
• https://github.com/mareks1007/cve-2017-16995
• https://github.com/mzet-/linux-exploit-suggester
• https://github.com/ndk191/linux-kernel-exploitation
• https://github.com/ozkanbilge/Linux-Kernel-Exploits
• https://github.com/ozkanbilge/Ubuntu16.04-0day-Local-Root
• https://github.com/password520/RedTeamer
• https://github.com/password520/linux-kernel-exploits
• https://github.com/ph4ntonn/CVE-2017-16995
• https://github.com/pradeepavula/Linux-Exploits-LES-
• https://github.com/qazbnm456/awesome-cve-poc
• https://github.com/qiantu88/Linux--exp
• https://github.com/rakjong/LinuxElevation
• https://github.com/ret2p4nda/kernel-pwn
• https://github.com/retr0-13/linux_exploit_suggester
• https://github.com/rettbl/Useful
• https://github.com/richardsonjf/King-of-the-hill
• https://github.com/rodrigosilvaluz/linux-exploit-suggester
• https://github.com/rootclay/Ubuntu-16.04-0Day
• https://github.com/s3mPr1linux/linux-exploit-suggester
• https://github.com/senyuuri/cve-2017-16995
• https://github.com/ssr-111/linux-kernel-exploitation
• https://github.com/stefanocutelle/linux-exploit-suggester
• https://github.com/testermas/tryhackme
• https://github.com/thelostvoice/global-takeover
• https://github.com/thelostvoice/inept-us-military
• https://github.com/tninh27/Lab
• https://github.com/vnik5287/CVE-2017-16995
• https://github.com/xairy/linux-kernel-exploitation
• https://github.com/xbl3/awesome-cve-poc_qazbnm456
• https://github.com/xfinest/linux-kernel-exploits
• https://github.com/xssfile/linux-kernel-exploits
• https://github.com/yige666/linux-kernel-exploits
• https://github.com/zyjsuper/linux-kernel-exploits