Challenge: exploit #DirtyCOW without MADV_DONTNEED #21

Open
dirtycow opened this issue Oct 23, 2016 · 0 comments

See https://twitter.com/solardiz/status/789923234275885056

OK, next challenge: exploit #DirtyCOW without MADV_DONTNEED. Can you? The race is still there, just no(?) easy & efficient trigger.
We need places that manipulate ptes without write-locking mmap_sem, yes? Surely there are others.
Perhaps not every kind of manipulation will work. I'd be interested in a PoC.

mremap, munmap, msync, mprotect don't work as drop-in replacements.
