CVE-2013-1763 SOCK_DIAG vulnerability in Linux kernel 3.3 to 3.8 Demo

09/03/2013ExploitsCVE-2013-1763, Kernel, Linuxwow

Timeline :

Vulnerability discovered and reported to the vendor by Mathias Krause the 2013-02-23
PoC provided the 2013-02-25

PoC provided by :

Mathias Krause
SynQ

Reference(s) :

CVE-2013-1763

Affected version(s) :

Linux Kernel 3.3 to 3.8

Tested on Ubuntu 12.10 x86 with :

Kernel 3.5.0-17-generic

Description :

Userland can send a netlink message requesting SOCK_DIAG_BY_FAMILY with a family greater or equal then AF_MAX — the array size of sock_diag_handlers[]. The current code does not test for this condition therefore is vulnerable to an out-of-bound access opening doors for a privilege escalation.

Commands :

id
gcc -o CVE-2013-1763 CVE-2013-1763.c
./CVE-2013-1763 Ubuntu
id

16 thoughts on “CVE-2013-1763 SOCK_DIAG vulnerability in Linux kernel 3.3 to 3.8 Demo”

unixfreaxjp says:

10/03/2013 at 18:08

@eromang #Exploit #Video: #CVE-2013-1763 SOCK_DIAG vulnerability in #Linux kernel 3.3-3.8 Demo http://t.co/mMF66nUxDt http://t.co/Ou4UxIPYf6
robertmarquardt says:

10/03/2013 at 17:41

RT @Dinosn: CVE-2013-1763 SOCK_DIAG vulnerability in Linux kernel 3.3 to 3.8 Demo http://t.co/jPybpipdbd
wopot says:

10/03/2013 at 09:37

RT @Dinosn: CVE-2013-1763 SOCK_DIAG vulnerability in Linux kernel 3.3 to 3.8 Demo http://t.co/jPybpipdbd
Seb_Net says:

10/03/2013 at 09:35

RT @Dinosn: CVE-2013-1763 SOCK_DIAG vulnerability in Linux kernel 3.3 to 3.8 Demo http://t.co/jPybpipdbd
muhan56 says:

10/03/2013 at 07:52

RT @Dinosn: CVE-2013-1763 SOCK_DIAG vulnerability in Linux kernel 3.3 to 3.8 Demo http://t.co/jPybpipdbd
felipe4900 says:

09/03/2013 at 22:11

RT @ubersec: CVE-2013-1763 SOCK_DIAG vulnerability in Linux kernel 3.3 to 3.8 Demo: http://t.co/t6E9KHVK1j
d7n0 says:

09/03/2013 at 22:09

RT @ubersec: CVE-2013-1763 SOCK_DIAG vulnerability in Linux kernel 3.3 to 3.8 Demo: http://t.co/t6E9KHVK1j
ubersec says:

09/03/2013 at 22:00

CVE-2013-1763 SOCK_DIAG vulnerability in Linux kernel 3.3 to 3.8 Demo: http://t.co/t6E9KHVK1j
matteoca says:

09/03/2013 at 21:02

CVE-2013-1763 SOCK_DIAG vulnerability in Linux kernel 3.3 to 3.8 Demo http://t.co/ludAJHOIB4
SecurityCrap says:

09/03/2013 at 19:33

CVE-2013-1763 SOCK_DIAG vulnerability in Linux kernel 3.3 to 3.8 Demo http://t.co/SRu6ExoXMk
SecurityCrap says:

09/03/2013 at 19:32

RT @ankit_appy: CVE-2013-1763 SOCK_DIAG vulnerability in Linux kernel 3.3 to 3.8 Demo http://t.co/AqooYhfQMg
reppinca says:

09/03/2013 at 19:30

RT @Dinosn: CVE-2013-1763 SOCK_DIAG vulnerability in Linux kernel 3.3 to 3.8 Demo http://t.co/jPybpipdbd
ankit_appy says:

09/03/2013 at 19:28

CVE-2013-1763 SOCK_DIAG vulnerability in Linux kernel 3.3 to 3.8 Demo http://t.co/AqooYhfQMg
AnonsTurkey says:

09/03/2013 at 18:36

RT @Dinosn: CVE-2013-1763 SOCK_DIAG vulnerability in Linux kernel 3.3 to 3.8 Demo http://t.co/jPybpipdbd
Dinosn says:

09/03/2013 at 17:38

CVE-2013-1763 SOCK_DIAG vulnerability in Linux kernel 3.3 to 3.8 Demo http://t.co/jPybpipdbd
eromang says:

09/03/2013 at 17:21

CVE-2013-1763 SOCK_DIAG vulnerability in Linux kernel 3.3 to 3.8 Demo http://t.co/cAUxxQZaMW

Comments are closed.

Eric Romang Blog

aka wow on ZATAZ.com