Conversation

Andrey Konovalov

@andreyknvl

Proof-of-Concept local root exploit for the double-free in Linux kernel DCCP implementation (CVE-2017-6074): https://github.com/xairy/kernel-exploits/tree/master/CVE-2017-6074…

12:53 AM · Feb 26, 2017·Twitter Web Client

250

Retweets

1

Quote Tweet

255

Likes

Vitaly Nikolenko

@vnik5287

·

Feb 26, 2017

Replying to

@andreyknvl

why do you need to run inside a namespace? haven't tried it yet but can't you create dccp sockets as a non-privileged user?

@andreyknvl

1

Andrey Konovalov

@andreyknvl

·

Feb 26, 2017

Replying to

@vnik5287

You can, so namespace support is not technically required to exploit the bug, but it made things easier for two reasons:

@vnik5287

1

1

3

Show replies

w0

@jgrusko

·

Feb 26, 2017

Replying to

@andreyknvl

@mxatone

@github

Matches my prediction that public exploit will require unprivileged namespaces :)

Nitay Artenstein

@nitayart

·

Feb 26, 2017

Replying to

@andreyknvl

How widespread is support for DCCP in real world distros? Android kernels (for example) are usually compiled without it

1