From b64a2f393c5e55d6684a008e55f2e0be58a28718 Mon Sep 17 00:00:00 2001 From: pe3zx Date: Tue, 2 Jan 2018 22:51:14 +0700 Subject: [PATCH] Add blog post of waitd() exploitation escaping Docker --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 4b6ff8a..c1b5996 100644 --- a/README.md +++ b/README.md @@ -86,6 +86,7 @@ My curated list of awesome links, resources and tools - [CVE-2017-2636: exploit the race condition in the n_hdlc Linux kernel driver bypassing SMEP](https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html) - [Dirty COW and why lying is bad even if you are the Linux kernel](https://chao-tic.github.io/blog/2017/05/24/dirty-cow) - [Enumeration for Linux Privilege Escalation](https://0x00sec.org/t/enumeration-for-linux-privilege-escalation/1959) +- [Escaping Docker container using waitid() – CVE-2017-5123](https://www.twistlock.com/2017/12/27/escaping-docker-container-using-waitid-cve-2017-5123/) - [Exploit Dev 0x01 | 64-bit Linux Stack Buffer Overflow](http://badbytes.io/2017/02/15/exploit-dev-0x01-64-bit-linux-stack-buffer-overflow/) - [Exploiting the Linux kernel via packet sockets](https://googleprojectzero.blogspot.com/2017/05/exploiting-linux-kernel-via-packet.html) - [Kernel Exploitation | Dereferencing a NULL pointer!](https://0x00sec.org/t/kernel-exploitation-dereferencing-a-null-pointer/3850)