A Windows driver capcom.sys
has been making the news
in the last few days, and I thought it would be a fun exercise to do the
equivalent on Linux.
It appears that this works with Linux 4.0 or later, but I don't make any guarantees. It would be simple to support other versions, but I consider it to be a security feature if this fails to build on a given platform.
$ make -C /lib/modules/$(uname -r)/build M=$PWD
After inserting the module, you can run ./exploit
as an unprivileged user to
see a message printed in dmesg
, demonstrating that kernel security is
completely undermined.
I do not play Street Fighter V, nor have I even seen a copy of capcom.sys
.
This was designed solely based on
a tweet and
a Reddit comment
describing its behavior.