Main
Vulnerability Database
Exploits
ID:9256 - Exploit for Privilege escalation in Linux kernel - CVE-2017-5123
ID:9256 - Exploit for Privilege escalation in Linux kernel - CVE-2017-5123
Published: August 23, 2023
Vulnerability identifier: #VU8828
Vulnerability risk: Low
CVE-ID: CVE-2017-5123
CWE-ID: CWE-391
Exploitation vector: Local access
Vulnerable software:
Linux kernel
Linux kernel
Link to public exploit:
Vulnerability description
The vulnerability allows a local user to escalate privileges on the system.
The waitid implementation in kernel/exit.c in the Linux kernel through 4.13.4 does not check that the incoming argument points to the userspace. This can allow local users to write directly to kernel memory, which could lead to privilege escalation.
The waitid implementation in kernel/exit.c in the Linux kernel through 4.13.4 does not check that the incoming argument points to the userspace. This can allow local users to write directly to kernel memory, which could lead to privilege escalation.
Remediation
Install update from vendor's repository.