Hi Anant, Yup, that's what i read too. But towelroot didn't release any source code, not sure how he did it. Assume he modified the futex system call vulnerability for Android.
On Thursday, June 19, 2014 11:45:35 AM UTC+8, Anant Shrivastava wrote: > > As far as i remember TowelRoot by geohot is exploiting this specific issue. > > Please correct if i am wrong. > > > Anant Shrivastava > Web : http://anantshri.info > > > On Thu, Jun 19, 2014 at 9:01 AM, David Billa <[email protected] > <javascript:>> wrote: > >> Recently it was reported that a bug in the futex system call will lead to >> a local permission escalation vulnerability in linux. >> >> http://seclists.org/oss-sec/2014/q2/467 >> >> Does it affect the Android kernel too since it is also based on the Linux >> kernel? >> >> Anyone has any source code to test whether Android is vulnerable to this? >> >> Thanks In Advance >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Android Security Discussions" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] >> <javascript:>. >> To post to this group, send email to [email protected] >> <javascript:>. >> Visit this group at >> http://groups.google.com/group/android-security-discuss. >> For more options, visit https://groups.google.com/d/optout. >> > > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/android-security-discuss. For more options, visit https://groups.google.com/d/optout.
