From 301bf5efc4b4c784d16ba495b6b8b1ed75200b88 Mon Sep 17 00:00:00 2001
From: Werner Sembach <werner.sembach@fau.de>
Date: Fri, 26 Oct 2018 16:35:34 +0200
Subject: [PATCH] Update README and compile.sh

---
 README.md  | 21 ---------------------
 compile.sh |  2 +-
 2 files changed, 1 insertion(+), 22 deletions(-)

diff --git a/README.md b/README.md
index afc331d..2a75592 100644
--- a/README.md
+++ b/README.md
@@ -1,24 +1,3 @@
-### CVE-2017-8890
-Vulnerable kernel version:
-- 3.10.105
-- 3.18.55
-- 4.4.70
-
-vuln in inet_csk_clone_lock in net/ipv4/inet_connection_sock.c
-- https://elixir.bootlin.com/linux/v3.10.105/source/net/ipv4/inet_connection_sock.c#L674
-
-mc_list set in ip_mc_join_group in net/ipv4/igmp.c
-- https://elixir.bootlin.com/linux/v3.10.105/source/net/ipv4/igmp.c#L1788
-
-freed in sock_close > sock_release > (sock->ops->release) > inet_release in net/ipv4/af_inet.c (found using gdb)
-- https://elixir.bootlin.com/linux/v3.10.105/source/net/ipv4/af_inet.c#L427
-
-exact free of mc_list somewhow in ip_mc_drop_socket using kfree_rcu
-- https://elixir.bootlin.com/linux/v3.10.105/source/net/ipv4/igmp.c#L2297
-
-Using overwritten function pointer:
-- Jop, Rop? How to get arbitrary read/write
-
 ### GDB Commands
 ```
 aarch64-linux-gnu-gdb linux-3.10.105/vmlinux
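Review bot: The removed `### CVE-2017-8890` block at the top of README.md is the only place in this patch that records the affected kernel versions (3.10.105, 3.18.55, 4.4.70) and the code locations in `inet_csk_clone_lock`, `ip_mc_join_group`, `inet_release` and `ip_mc_drop_socket`. The subject line "Update README and compile.sh" gives no reason for dropping it. If these notes now live with the PoC in `MoreFreedomRoot` (the path compile.sh switches to), say so in the commit message and leave a one-line pointer in the README, so the remaining `### GDB Commands` section still has context for which bug and which kernel tree it refers to.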
diff --git a/compile.sh b/compile.sh
index 6703fe9..91ea9a8 100755
--- a/compile.sh
+++ b/compile.sh
@@ -4,6 +4,6 @@ SCRIPTDIR=$(dirname "$0")
 
 cd $SCRIPTDIR/busybox-1.29.3/_install/
 cp ../../rcS etc/init.d/rcS
-aarch64-linux-gnu-gcc ../../CVE-2017-8890_PoC.c -o CVE-2017-8890_PoC -static -pthread -O0
+aarch64-linux-gnu-gcc ../../../MoreFreedomRoot/CVE-2017-8890_PoC.c -o CVE-2017-8890_PoC -static -pthread -O0
 aarch64-linux-gnu-gcc ../../test_multicast.c -o test_multicast -static -pthread -O0
 find . | cpio -o --format=newc > ../rootfs.img
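Review bot: The new source path `../../../MoreFreedomRoot/CVE-2017-8890_PoC.c` on the changed gcc line reaches outside this repository and assumes a `MoreFreedomRoot` checkout sits next to it, which nothing in the visible lines checks or documents. If that directory is missing, the compile fails and, unless the script aborts on errors, `find . | cpio` still packs a `rootfs.img` without the PoC binary or with a stale one. Suggest testing for the file before compiling and exiting with a clear message, or taking the location from a variable with this path as the default, and noting the expected directory layout in the README. Since the script is already being touched, quoting `$SCRIPTDIR` in the `cd` line would also keep it working from paths that contain spaces.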
-- 
GitLab