关联漏洞
描述
CVE-2024-0582 exploit
介绍
# CVE-2024-0582 (PoC)
This repository contains a proof of concept for CVE-2024-0582 (page-level use after free in `io_uring`) used for academic research. It includes a kernel configuration, build and run scripts for a reproducible QEMU environment, and the PoC exploit used in my analysis.
> Use this code only in a controlled lab environment. Do not deploy it against systems you do not own or have explicit permission to test.
## Requirements
* Linux host with standard toolchain (gcc, make, etc)
* QEMU (tested with qemu-system-x86_64)
* liburing development headers
Do not run this against production or third party systems.
## Notes on the PoC
* The PoC targets a specific, out-of-date LTS kernel version (6.6.2) built with the supplied kernel config. Results will vary on other kernels or configs.
* Exploit reliability depends on system-specific allocator behaviour and kernel configuration. Check `/proc/slabinfo` and relevant kernel settings when reproducing.
* The code is presented for analysis, teaching, and responsible disclosure exercises.
文件快照
[4.0K] /data/pocs/3cbf77f0482a76e50f310ff0c7ca3e15d7033cab
├── [4.3K] build_release.sh
├── [ 12M] bzImage
├── [8.4K] exp.c
├── [2.0M] initramfs.cpio.gz
├── [1.0K] lts-6.6.config
├── [1.1K] README.md
└── [ 257] run.sh
0 directories, 7 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。