
Ubuntu 16.04 LTS 0day priv escalation - ll0rtagem
https://twitter.com/vnik5287/status/974439706896187392
http://cyseclabs.com/exploits/upstream44.c
======
vicaya
To disable this class of exploits (bugs in unprivileged bpf) without
installing a new kernel:

echo 1 | sudo tee /proc/sys/kernel/unprivileged_bpf_disabled
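
[Added example, not part of vicaya's comment or of the thread: a shell check of whether the sysctl above is in effect and whether it will survive a reboot, since a write under /proc/sys only changes the running kernel. The function names are made up for this example, and the config files are assumed to be passed in load order, with the last assignment winning.]

```shell
#!/bin/sh
# Added example: audit kernel.unprivileged_bpf_disabled (runtime + persistence).
# Paths are arguments so the functions can be pointed at constructed files.

# Print the runtime state: "enabled", "disabled" or "unknown".
bpf_runtime_state() {
    proc_file=${1:-/proc/sys/kernel/unprivileged_bpf_disabled}
    [ -r "$proc_file" ] || { echo unknown; return 0; }
    case "$(tr -d '[:space:]' < "$proc_file")" in
        0)   echo enabled ;;    # unprivileged users may call bpf()
        1|2) echo disabled ;;   # 1 as in the thread; newer kernels also accept 2
        *)   echo unknown ;;
    esac
}

# Print the value of the last assignment of the key found in the given
# sysctl config files (assumption: caller passes them in load order).
bpf_persistent_value() {
    [ "$#" -gt 0 ] || return 0
    re='^[[:space:]]*-\{0,1\}kernel\.unprivileged_bpf_disabled'
    re="$re"'[[:space:]]*=[[:space:]]*\([0-9][0-9]*\)[[:space:]]*$'
    { sed -n "s/$re/\1/p" "$@" 2>/dev/null || true; } | tail -n 1
}

# Print "<runtime state> <persistent|not-persistent>".
# Usage: bpf_audit PROC_FILE [CONFIG_FILE...]
bpf_audit() {
    proc_file=$1
    shift
    state=$(bpf_runtime_state "$proc_file")
    value=$(bpf_persistent_value "$@")
    case "$value" in
        1|2) persist=persistent ;;
        *)   persist=not-persistent ;;
    esac
    echo "$state $persist"
}

# Check this machine. "disabled not-persistent" means the echo was run but a
# reboot will re-enable unprivileged bpf until a file under /etc/sysctl.d
# carries the line: kernel.unprivileged_bpf_disabled = 1
bpf_audit /proc/sys/kernel/unprivileged_bpf_disabled \
    /etc/sysctl.d/*.conf /etc/sysctl.conf
```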

------
laci27
There should really be a law against this sort of thing. Security researchers
are needed and they provide a valuable service to the world, but please don't
get ahead of yourselves. In recent months there were many instances where
people just disclosed vulnerabilities without making sure there are fixes
available. This is wrong and legally should be equivalent to hacking.

In the past, when vulnerabilities with no fixes were disclosed, it was after
months and months of trying to contact the developers of said software and
patch it... Nowadays it seems everyone is eager to ride their 15 minutes of
fame...SAD :)

~~~
ll0rtagem
I think the fix is in the tweet. The bug is fixed in the staging kernel and it
shows how to install it?

~~~
lampington
The problem is that it's a staging kernel, not a full release. I've not been
able to get it to boot on m3.large AWS instances, though it seems to work on
xlarge.

------
ekvintroj
This is from 2016 actually https://www.exploit-db.com/exploits/39772/

~~~
ll0rtagem
nah that's unrelated. the bug is not a memory corruption

------
AstralStorm
Another exploit against a kernel space firewall language interpreter.

Why is this even enabled in Ubuntu?

------
compsciphd
well, it definitely works on my own box.

------
laci27
To ALL security 'researchers' out there: PLEASE don't disclose 0days before
they were fixed by the project owners!

