CVE-2020-27194 PoC — Linux kernel 缓冲区错误漏洞

Source

https://github.com/xmzyshypnc/CVE-2020-27194

Associated Vulnerability

Title:Linux kernel 缓冲区错误漏洞 (CVE-2020-27194)
Description:Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。 Linux kernel 5.8.15之前版本存在安全漏洞，该漏洞源于scalar32_min_max_or in kernel/bpf/verifier.c 使用64位值时错误地处理了边界跟踪。

Description

my exp for CVE-2020-27194, tested on linux kernel 5.8.14.

Readme

# CVE-2020-27194
my exp for CVE-2020-27194, tested on linux kernel 5.8.14.

More details : https://ama2in9.top/2020/12/14/CVE-2020-27194/
# reference

[CVE-2020-8835 pwn2own 2020 ebpf 提权漏洞分析](https://www.anquanke.com/post/id/203416) 

[CVE-2020-8835 pwn2own 2020 ebpf 通过任意读写提权分析](https://xz.aliyun.com/t/7690)

File Snapshot


 [4.0K]  /data/pocs/13238692db6163381df5c357b2eb39144aa30701
├── [8.8M]  bzImage
├── [4.5M]  initramfs.cpio
├── [ 12K]  modprobe.c
├── [ 343]  README.md
├── [ 18K]  root.c
└── [ 215]  start.sh

0 directories, 6 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!