Linux Kernel ELF Core Dump Privilege Elevation

Paul Starzetz reports that a locally exploitable flaw has been found in the core dump function of the Linux ELF binary format loader. It allows local users to gain root privileges and to execute arbitrary code at kernel privilege level. The Linux kernel contains a binary format loader layer that loads (executes) programs in different binary formats, such as ELF or a.out. Some of the binary format modules, ELF among them, provide an additional function to this layer named core_dump(). The kernel may call this function if a fault (e.g. a memory access error) occurs during execution of the binary. core_dump() is called by the kernel only if the process's core file limit (RLIMIT_CORE) is sufficiently high and the process's binary format supports core dumping.
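As an added defensive example (not part of the advisory or of the kernel's own code): because the kernel enters core_dump() only when RLIMIT_CORE permits a core file and the process is marked dumpable, a program can keep itself off that code path entirely with setrlimit() and prctl(). This is Linux-specific and a per-process stopgap, not a substitute for the kernel fix.

```c
/*
 * Added example (not from the advisory): per-process hardening that
 * keeps the kernel from ever reaching the binfmt core_dump() path.
 * The kernel only calls core_dump() when RLIMIT_CORE is large enough
 * and the process is dumpable, so clamping both closes that path for
 * this process and its children. Linux-specific (prctl).
 */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/prctl.h>
#include <sys/resource.h>

/* Set RLIMIT_CORE to 0 (soft and hard) and mark the process
 * non-dumpable. Returns 0 on success, -1 with errno set on failure.
 * Lowering a hard limit needs no privilege, so this works unprivileged. */
int disable_core_dumps(void)
{
    struct rlimit rl = { .rlim_cur = 0, .rlim_max = 0 };
    if (setrlimit(RLIMIT_CORE, &rl) != 0)
        return -1;
    /* PR_SET_DUMPABLE=0 also blocks ptrace attach by same-uid processes
     * and makes /proc/<pid> entries root-owned; it is reset on execve
     * of an ordinary binary, so each hardened program re-applies it. */
    if (prctl(PR_SET_DUMPABLE, 0, 0, 0, 0) != 0)
        return -1;
    return 0;
}

/* Report whether both knobs are closed: 1 if no core can be dumped,
 * 0 otherwise, -1 if the state cannot be read. */
int core_dumps_disabled(void)
{
    struct rlimit rl;
    if (getrlimit(RLIMIT_CORE, &rl) != 0)
        return -1;
    int dumpable = prctl(PR_GET_DUMPABLE, 0, 0, 0, 0);
    if (dumpable < 0)
        return -1;
    return (rl.rlim_cur == 0 && dumpable == 0) ? 1 : 0;
}

int main(void)
{
    if (disable_core_dumps() != 0) {
        fprintf(stderr, "hardening failed: %s\n", strerror(errno));
        return 1;
    }
    printf("core dumps disabled: %s\n",
           core_dumps_disabled() == 1 ? "yes" : "no");
    return 0;
}
```

The same effect can be imposed system-wide for a session with `ulimit -c 0` from the invoking shell, but the in-process form also survives a child inheriting a looser shell limit.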

