Skip to content

Latest commit

 

History

History
30 lines (20 loc) · 737 Bytes

File metadata and controls

30 lines (20 loc) · 737 Bytes

CVE-2013-1858

The clone system-call implementation in the Linux kernel before 3.8.3 does not properly handle a combination of the CLONE_NEWUSER and CLONE_FS flags,
which allows local users to gain privileges by calling chroot and leveraging the sharing of the 
/ directory between a parent process and a child process.

Vulnerability reference:

Kernels

before 3.8.3

Usage

$ cc -Wall clown-newuser.c -static

$ ./a.out

References