Credit - RedHat Product Security Team discovered this issue.
There is lot of discussion going about CVE-2018-14665 exploitation using -logfile but second vulnerable option “modulepath” is almost ignored.
CVE-2018-14665 can be exploited in another way using “-modulepath” option which allows user to load and execute malicious code as root !!
Collect Xorg X Server loaded modules information
Xorg X Server loads various modules during startup. For this demo we will be using -
Create small shell module
Load our malicious shell module
wait for few seconds and you will be dropped into root shell!