This repo contains an old poc that combines three CVEs (CVE-2017-14954, CVE-2017-18344, CVE-2017-5123). The poc is a Local Privilege Escalation for Linux Kernel 4.13 (tested on Ubuntu).
The exploit uses an info leak (CVE-2017-14954) to bypass KASLR, an arbitrary read (CVE-2017-18344) to read the kernel memory looking for the struct cred
for user with uid 1000 (non privileged) and uses the buggy waitid
system call (CVE-2017-5123) to overwrite the uid value with 0 (root).
I'm not the original author of the three exploits, I just combined them as an exercise.