CVE-2017-16995

NOTE: PLEASE DO NOT USE IT TO ATTACK OTHER COMPUTERS.

CVE-2017-16995 was fixed upstream, but many Debian and Ubuntu distribution kernels, from version 4.4 through 4.14, are still vulnerable to it.

The flaw is an arbitrary kernel memory read/write in Linux kernels built with the eBPF bpf(2) system call (CONFIG_BPF_SYSCALL). It is caused by a calculation error in the eBPF verifier: for a 32-bit BPF_MOV of an immediate, the verifier recorded the sign-extended 64-bit value while the interpreter zero-extends it at runtime, so the verifier's idea of a register can be made to differ from its real value. A user-supplied malicious BPF program uses that gap to make the verifier treat a reachable branch as dead code, and the instructions on that path run without having been checked. An unprivileged local user can use this to escalate privileges. Setting the sysctl parameter "kernel.unprivileged_bpf_disabled=1" prevents the escalation by restricting bpf(2) to privileged users; it should be set at runtime with sysctl and persisted in /etc/sysctl.d/ so it survives a reboot.
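The following is an added example, not code from this repository, that models in user space the two computations the verifier and the interpreter disagreed on. It is a simplified model of the semantics of BPF_ALU|BPF_MOV|BPF_K (32-bit mov) and a 64-bit BPF_JEQ against an immediate, not kernel code; the function names are made up for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Runtime semantics of a 32-bit mov (BPF_ALU | BPF_MOV | BPF_K):
 * the interpreter zero-extends the 32-bit immediate into the
 * 64-bit register. Simplified model, not kernel code. */
uint64_t mov32_runtime(int32_t imm) {
    return (uint64_t)(uint32_t)imm;
}

/* What the unfixed verifier recorded as the register's "known" value:
 * the signed 32-bit immediate was stored into a 64-bit field without
 * a u32 cast, so it was sign-extended. */
uint64_t mov32_verifier_unfixed(int32_t imm) {
    return (uint64_t)(int64_t)imm;
}

/* The upstream fix: cast the immediate to u32 for 32-bit ALU ops,
 * which makes the tracked value equal to the runtime value. */
uint64_t mov32_verifier_fixed(int32_t imm) {
    return (uint64_t)(uint32_t)imm;
}

/* 64-bit conditional jump "if (r == imm) goto +off": the comparison
 * immediate is sign-extended to 64 bits. Returns 1 if the jump is taken. */
int jeq64(uint64_t reg, int32_t imm) {
    return reg == (uint64_t)(int64_t)imm;
}

/* Branch decision for the sequence "mov32 r, mov_imm; jeq64 r, cmp_imm"
 * as seen at runtime. */
int branch_runtime(int32_t mov_imm, int32_t cmp_imm) {
    return jeq64(mov32_runtime(mov_imm), cmp_imm);
}

/* Branch decision as the unfixed verifier computed it. When the register
 * is fully known, the verifier explores only the branch it believes is
 * taken; the other path is treated as dead and never checked. */
int branch_verifier_unfixed(int32_t mov_imm, int32_t cmp_imm) {
    return jeq64(mov32_verifier_unfixed(mov_imm), cmp_imm);
}

/* Returns 1 when the verifier would skip checking the path that
 * actually executes at runtime: the primitive the exploit builds on. */
int unverified_path_executes(int32_t mov_imm, int32_t cmp_imm) {
    return branch_runtime(mov_imm, cmp_imm) != branch_verifier_unfixed(mov_imm, cmp_imm);
}

int main(void) {
    int32_t imms[] = { 5, -1, -2 };
    for (size_t i = 0; i < sizeof(imms) / sizeof(imms[0]); i++) {
        int32_t imm = imms[i];
        printf("mov32 r, %d: runtime=0x%016llx verifier(unfixed)=0x%016llx "
               "verifier(fixed)=0x%016llx unverified_path=%d\n",
               imm,
               (unsigned long long)mov32_runtime(imm),
               (unsigned long long)mov32_verifier_unfixed(imm),
               (unsigned long long)mov32_verifier_fixed(imm),
               unverified_path_executes(imm, imm));
    }
    return 0;
}
```

For a negative immediate such as -1 the verifier believes the register holds 0xffffffffffffffff and that the JEQ against -1 is always taken, so it never examines the fall-through path; at runtime the register holds 0x00000000ffffffff, the comparison fails, and the fall-through instructions execute unverified. Non-negative immediates show no mismatch, which is why the bug went unnoticed by ordinary programs.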