Home > Exploits, Security > Ecryptfs NULL pointer dereference exploit (CVE-2009-2908)

Ecryptfs NULL pointer dereference exploit (CVE-2009-2908)

October 17th, 2009 Leave a comment Print Print Go to comments

Commit afc2b6932f48f200736d3e36ad66fee0ec733136 at the linux kernel is about a NULL pointer dereference that happens under certain circumstances. As many of you already know, NULL pointer dereferences are exploitable and are actually a “hot topic” lately. You can find a lot of references, such as Julien Tinnes’ great blog post, Brad Spender‘s enlightenment framework, etc. I haven’t seen any exploits for this bug yet so I’ve written one. You can download it here. I won’t go into details here, you can read the source code which is full of helpful comments. A description of the exploit would be actually a copy/paste of all the comments here, so it’s better to read the entire source code!

Categories: Exploits, Security Tags:
  1. argp
    October 19th, 2009 at 09:08 | #1

    Excellent work, well done Fotis.

  1. No trackbacks yet.

This site is using OpenAvatar based on

*

SEO Powered by Platinum SEO from Techblissonline
%d bloggers like this:

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close