Linux Kernel 2.4/2.6 - 'sock_sendpage()' Local Privilege Escalation (3)

Author: Ramon de C Valle
type: local
platform: linux
port: 
date_added: 2009-09-10  
date_updated: 2019-09-06  
verified: 1  
codes: OSVDB-56992;CVE-2009-2692  
tags:   
aliases: 2009-linux-sendpage3.tar.gz  
screenshot_url:   
application_url:   

raw file: 9641.txt  

This third version features: Complete support for i386, x86_64, ppc and ppc64; The
personality trick published by Tavis Ormandy and Julien Tinnes; The TOC
pointer workaround for data items addressing on ppc64 (i.e. functions
on exploit code and libc can be referenced); Improved search and
transition to SELinux types with mmap_zero permission.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/9641.tar.gz (2009-linux-sendpage3.tar.gz)

# milw0rm.com [2009-09-11]