This is a proof-of-concept Local Privilege Escalation exploit for CVE-2016-9793 — a vulnerability I found in the implementation of the SO_SNDBUFFORCE and SO_RCVBUFFORCE socket options. It requires the CAP_NET_ADMIN capability.
Timeline:
- 1 Dec 2016 — Bug reported to security@kernel.org
- 2 Dec 2016 — Mainline fix is committed
- 22 Mar 2017 — This exploit is published