
Linux Kernel - 'BadIRET' Local Privilege Escalation

Author: Ren Kimura
type: local
platform: linux
port: 
date_added: 2018-02-28 
date_updated: 2018-07-11 
verified: 0 
codes: CVE-2014-9322 
tags: 
aliases:  
screenshot_url:  
application_url: 

# CVE-2014-9322 PoC for Linux kernel
CVE-2014-9322 (a.k.a. BadIRET) proof of concept for the Linux kernel.
This PoC uses only raw syscalls and no libraries such as pthread; threads are implemented using raw Linux syscalls.
See [Raw Linux Threads via System Calls](http://nullprogram.com/blog/2015/05/15/).

# Usage
```
$ make
```
- **badiret.elf** is an ELF executable.
- **badiret.bin** is a raw binary that can be used as a payload.

# Reference
[Exploiting “BadIRET” vulnerability (CVE-2014-9322, Linux kernel privilege escalation)](https://blogs.bromium.com/exploiting-badiret-vulnerability-cve-2014-9322-linux-kernel-privilege-escalation/)

Download: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/44205.zip