Linux Kernel - 'BadIRET' Local Privilege Escalation

EDB-ID:

44205


Author:

Ren Kimura

Type:

local


Platform:

Linux

Date:

2017-07-24


# CVE-2014-9322 PoC for Linux kernel
CVE-2014-9322 (a.k.a BadIRET) proof of concept for Linux kernel.  
This PoC uses only syscalls not any libraries, like pthread. Threads are implemented using raw Linux syscalls.  
[Raw Linux Threads via System Calls](http://nullprogram.com/blog/2015/05/15/)  

# Usage
```
$ make
```
**badiret.elf** is an ELF executable.  
**badiret.bin** is a raw binary that can be used as payload.  

# Reference
[Exploiting “BadIRET” vulnerability (CVE-2014-9322, Linux kernel privilege escalation)](https://blogs.bromium.com/exploiting-badiret-vulnerability-cve-2014-9322-linux-kernel-privilege-escalation/)  

Download: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/44205.zip