From: Anderson Eduardo
Date: Tue, 13 Aug 2013 16:52:32 -0300
Subject: Exploit for CVE-2012-4576 - Linux ioctl handling
To: freebsd-security@freebsd.org

Hey guys,

I wrote an exploit for CVE-2012-4576. It's an old and already patched vulnerability, but I am sharing it in case someone is still interested.

https://github.com/andersonc0d3/exploits/blob/master/exploits/CVE-2012-4576-linux/CVE-2012-4576-linux.c

https://www.youtube.com/watch?v=eKSu1nQRtQg

--
Anderson Eduardo