out-of-tree v1.4.0 has been released: github.com/jollheef/out-of-tre

Added ability to preload any supported kernel module just by a URL. It can be used to develop new mitigations and test existing exploits against them.

Checkout example of usage with LKRG here: github.com/jollheef/out-of-tre


Here are results of testing exploits from github.com/jollheef/lpe with the LKRG by Openwall (openwall.com/lkrg/)

For unprepared (no code to bypass LKRG) exploits it actually works well. Only CVE-2016-5195 (aka Dirty COW) still works.


Good to know. Actually everyone is looking for an exploit that would work under LKRG as you've probably seen on the mailing list :)

Sign in to participate in the conversation

lor.sh is yet another mastodon instance.