I. Basic Information for CVE-2023-2598
Vulnerability Information

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A flaw was found in the fixed buffer registration code for io_uring (io_sqe_buffer_register in io_uring/rsrc.c) in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. This flaw enables full local privilege escalation.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
Use After Free
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel buffer error vulnerability
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
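Linux kernel is the kernel used by Linux, the open-source operating system of the Linux Foundation (USA). The Linux kernel contains a security vulnerability that stems from a problem in the io_uring file; an attacker can exploit this vulnerability to gain unauthorized access.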
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE |
|---|---|---|---|
| - | Kernel | Kernel prior to 6.4-rc1 | - |
II. Public POCs for CVE-2023-2598
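| # | POC Description | Source Link |
|---|---|---|
| 1 | LPE PoC of a vulnerability in the io_uring subsystem of the Linux Kernel. | https://github.com/ysanatomic/io_uring_LPE-CVE-2023-2598 |
| 2 | None | https://github.com/cainiao159357/CVE-2023-2598 |
| 3 | None | https://github.com/LLfam/CVE-2023-2598 |
| 4 | The exploitation of CVE-2023-2598 about io_uring | https://github.com/SpongeBob-369/CVE-2023-2598 |
| 5 | Many people have already published reproduction write-ups online, so I won't embarrass myself by adding another here. The interaction code used by this exploit is the code provided by the kernel with small changes. Because the primitive the vulnerability provides is quite powerful, allowing a direct out-of-bounds arbitrary write over more than one memory page, the exploitation technique is fairly simple and practical: the chosen size is the 4k page size, directly heap spraying filp to tamper with /etc/passwd | https://github.com/guard-wait/CVE-2023-2598_EXP |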