# kernel4.20_bpf_LPE

**Repository Path**: sohu0106/kernel4.20_bpf_LPE

## Basic Information

- **Project Name**: kernel4.20_bpf_LPE
- **Description**: No description available
- **Primary Language**: Unknown
- **License**: Not specified
- **Default Branch**: master
- **Homepage**: None
- **GVP Project**: No

## Statistics

- **Stars**: 0
- **Forks**: 0
- **Created**: 2020-11-03
- **Last Updated**: 2020-12-19

## Categories & Tags

**Categories**: Uncategorized

**Tags**: None

## README

There is a writeup for this vulnerability at https://www.anquanke.com/post/id/166819 (in Chinese).
This is a local priviledge escalation exploit for a kernel bpf bug.
affected version: 4.20-rc1, 4.20-rc2, 4.20-rc3, 4.20-rc4

```bash
user@syzkaller:~$ ./exp
rop_payload_initialized
uid=0(root) gid=0(root) groups=0(root) context=system_u:system_r:kernel_t:s0
# uname -a
Linux syzkaller 4.20.0-rc3 #1 SMP Thu Nov 22 15:12:38 CST 2018 x86_64 GNU/Linux
#
```

references:
https://www.mail-archive.com/netdev@vger.kernel.org/msg256073.html
https://www.mail-archive.com/netdev@vger.kernel.org/msg256054.html