Skip to content

Latest commit

 

History

History

CVE-2013-1858

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
 
 
 
 

CVE-2013-1858

The clone system-call implementation in the Linux kernel before 3.8.3 does not properly handle a combination of the CLONE_NEWUSER and CLONE_FS flags,
which allows local users to gain privileges by calling chroot and leveraging the sharing of the 
/ directory between a parent process and a child process.

Vulnerability reference:

Kernels

before 3.8.3

Usage

$ cc -Wall clown-newuser.c -static

$ ./a.out

References