automatic module_metadata_base.json update

4.x
Metasploit 2018-11-27 14:35:17 -08:00
parent 4c2772a5fc
commit 528a11a8b2
No known key found for this signature in database
GPG Key ID: CDFB5FA52007B954
1 changed files with 53 additions and 0 deletions

View File

@ -53728,6 +53728,59 @@
]
}
},
"exploit_linux/local/nested_namespace_idmap_limit_priv_esc": {
"name": "Linux Nested User Namespace idmap Limit Local Privilege Escalation",
"full_name": "exploit/linux/local/nested_namespace_idmap_limit_priv_esc",
"rank": 500,
"disclosure_date": "2018-11-15",
"type": "exploit",
"author": [
"Jann Horn",
"bcoles"
],
"description": "This module exploits a vulnerability in Linux kernels 4.15.0 to 4.18.18,\n and 4.19.0 to 4.19.1, where broken uid/gid mappings between nested user\n namespaces and kernel uid/gid mappings allow elevation to root\n (CVE-2018-18955).\n\n The target system must have unprivileged user namespaces enabled and\n the newuidmap and newgidmap helpers installed (from uidmap package).\n\n This module has been tested successfully on:\n\n Fedora Workstation 28 kernel 4.16.3-301.fc28.x86_64;\n Kubuntu 18.04 LTS kernel 4.15.0-20-generic (x86_64);\n Linux Mint 19 kernel 4.15.0-20-generic (x86_64);\n Ubuntu Linux 18.04.1 LTS kernel 4.15.0-20-generic (x86_64).",
"references": [
"BID-105941",
"CVE-2018-18955",
"EDB-45886",
"PACKETSTORM-150381",
"URL-https://bugs.chromium.org/p/project-zero/issues/detail?id=1712",
"URL-https://github.com/bcoles/kernel-exploits/tree/master/CVE-2018-18955",
"URL-https://lwn.net/Articles/532593/",
"URL-https://bugs.launchpad.net/bugs/1801924",
"URL-https://people.canonical.com/~ubuntu-security/cve/CVE-2018-18955",
"URL-https://security-tracker.debian.org/tracker/CVE-2018-18955",
"URL-https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d2f007dbe7e4c9583eea6eb04d60001e85c6f1bd",
"URL-https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.19",
"URL-https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.2"
],
"is_server": true,
"is_client": false,
"platform": "Linux",
"arch": "x86, x64",
"rport": null,
"autofilter_ports": [
],
"autofilter_services": [
],
"targets": [
"Auto"
],
"mod_time": "2018-11-27 18:58:05 +0000",
"path": "/modules/exploits/linux/local/nested_namespace_idmap_limit_priv_esc.rb",
"is_install_path": true,
"ref_name": "linux/local/nested_namespace_idmap_limit_priv_esc",
"check": true,
"post_auth": false,
"default_credential": false,
"notes": {
"AKA": [
"subuid_shell.c"
]
}
},
"exploit_linux/local/netfilter_priv_esc_ipv4": {
"name": "Linux Kernel 4.6.3 Netfilter Privilege Escalation",
"full_name": "exploit/linux/local/netfilter_priv_esc_ipv4",