# CVE-2024-0582 (PoC)
This repository contains a proof of concept for CVE-2024-0582 (page-level use after free in `io_uring`) used for academic research. It includes a kernel configuration, build and run scripts for a reproducible QEMU environment, and the PoC exploit used in my analysis.
> Use this code only in a controlled lab environment. Do not deploy it against systems you do not own or have explicit permission to test.
## Requirements
* Linux host with a standard toolchain (gcc, make, etc.)
* QEMU (tested with qemu-system-x86_64)
* liburing development headers
Do not run this against production or third-party systems.
## Notes on the PoC
* The PoC targets a specific, out-of-date LTS kernel version (6.6.2) built with the supplied kernel config. Results will vary on other kernels or configs.
* Exploit reliability depends on system-specific allocator behaviour and kernel configuration. Check `/proc/slabinfo` and relevant kernel settings when reproducing.
* The code is presented for analysis, teaching, and responsible disclosure exercises.
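
The following is an added example, not part of this repository: a shell helper that reports the kernel build options and the `io_uring_disabled` sysctl behind the note above that results depend on kernel configuration. The selection of Kconfig symbols is an assumption; the page does not say which settings `lts-6.6.config` contains.

```shell
#!/bin/sh
# Added example: report kernel settings that influence reproduction results.
# The symbols below are real Kconfig options; whether the repository's
# lts-6.6.config sets them is an assumption, not stated in the README.

# config_state FILE SYMBOL -> prints y, m, or a value; "n" when unset or absent.
config_state() {
    awk -v sym="CONFIG_$2" '
        $0 == ("# " sym " is not set") { v = "n" }
        index($0, sym "=") == 1        { v = substr($0, length(sym) + 2) }
        END { print (v == "" ? "n" : v) }
    ' "$1"
}

# audit_config FILE -> one "SYMBOL=state" line per setting of interest.
audit_config() {
    for sym in IO_URING SLAB_FREELIST_RANDOM SLAB_FREELIST_HARDENED \
               SHUFFLE_PAGE_ALLOCATOR INIT_ON_ALLOC_DEFAULT_ON \
               INIT_ON_FREE_DEFAULT_ON; do
        printf '%s=%s\n' "$sym" "$(config_state "$1" "$sym")"
    done
}

# runtime_report -> running kernel release and the io_uring sysctl, if present.
runtime_report() {
    printf 'release=%s (README target: 6.6.2)\n' "$(uname -r)"
    f=/proc/sys/kernel/io_uring_disabled
    if [ -r "$f" ]; then
        # 0 = enabled, 1 = blocked for unprivileged processes outside
        # io_uring_group, 2 = disabled for all processes
        printf 'io_uring_disabled=%s\n' "$(cat "$f")"
    else
        printf 'io_uring_disabled=absent\n'
    fi
}

# Stand-alone use: audit the config file given as $1, then the running system.
if [ -n "${1:-}" ] && [ -r "$1" ]; then
    audit_config "$1"
    runtime_report
fi
```

Run it as `sh check.sh lts-6.6.config` inside the guest; `check.sh` is a hypothetical file name.
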
```
[4.0K] /data/pocs/3cbf77f0482a76e50f310ff0c7ca3e15d7033cab
├── [4.3K] build_release.sh
├── [ 12M] bzImage
├── [8.4K] exp.c
├── [2.0M] initramfs.cpio.gz
├── [1.0K] lts-6.6.config
├── [1.1K] README.md
└── [ 257] run.sh
1 directory, 7 files
```