Comment 8 for bug 959842

Daniel Dadap (ddadap) wrote :

Examination of the exploit code helped us to identify the driver vulnerability that it attacks, and we're testing some driver changes right now to ensure that they'll be able to block this attack; however, we haven't yet actually gotten the exploit to successfully find the payload, when compiled exactly as written.

We are able to find the payload if we remove the hardcoded offsets to pmem and instead loop over the mapped memory, but for completeness, we want to be able to reproduce with the code exactly as it was provided: for reference, what kind of system was this exploit originally developed for, running which kernel version, etc.?

(An nvidia-bug-report.log file will capture other details we may be interested in, so if one can be provided, that would be helpful.)