- Fotis' Blog - https://fotisl.com/blog -

Ecryptfs NULL pointer dereference exploit (CVE-2009-2908)

Commit afc2b6932f48f200736d3e36ad66fee0ec733136 [1] in the Linux kernel is about a NULL pointer dereference that happens under certain circumstances. As many of you already know, NULL pointer dereferences are exploitable and have been a “hot topic” lately. You can find a lot of references, such as Julien Tinnes’ great blog post [2], Brad Spender’s [3] enlightenment framework, etc. I haven’t seen any exploits for this bug yet, so I’ve written one. You can download it here [4]. I won’t go into details here; you can read the source code, which is full of helpful comments. A description of the exploit would actually be a copy/paste of all the comments here, so it’s better to read the entire source code!