CVE-2018-6242 PoC — NVIDIA Tegra移动处理器BootROM Recovery Mode 缓冲区错误漏洞

Source

https://github.com/ChrisFigura/react-tegra-payload-launcher

Associated Vulnerability

Title:NVIDIA Tegra移动处理器BootROM Recovery Mode 缓冲区错误漏洞 (CVE-2018-6242)
Description:NVIDIA Tegra mobile processors是美国英伟达（NVIDIA）公司的一款中央处理器产品。BootROM Recovery Mode（RCM）是其中的一个能够对数据进行修改的工程模式组件。 NVIDIA Tegra移动处理器2016之前版本中的RCM存在缓冲区溢出漏洞。攻击者可利用该漏洞执行未验证的代码。

Description

A WebUSB based payload launcher for devices vulnerable to CVE-2018-6242

File Snapshot


 [4.0K]  /data/pocs/45913e1d42d6d1ef0eddfbc8e79d4d62e84327f4
├── [1.0K]  LICENSE.txt
├── [ 988]  package.json
├── [558K]  package-lock.json
├── [4.0K]  public
│   ├── [ 772]  index.html
│   ├── [ 197]  manifest.json
│   ├── [  69]  robots.txt
│   └── [4.0K]  static
│       └── [4.0K]  payloads
│           ├── [123K]  hekate_ctcaer_5.0.1.bin
│           └── [120K]  hekate_ctcaer_5.2.1.bin
├── [4.0K]  src
│   ├── [4.0K]  app
│   │   ├── [ 299]  App.css
│   │   └── [4.2K]  App.tsx
│   ├── [4.0K]  devices
│   │   ├── [ 425]  NintendoSwitch.tsx
│   │   └── [3.7K]  TegraDevice.tsx
│   ├── [ 269]  index.css
│   ├── [ 528]  index.tsx
│   ├── [4.0K]  payloads
│   │   └── [3.6K]  Payload.tsx
│   ├── [  40]  react-app-env.d.ts
│   └── [5.2K]  serviceWorker.ts
├── [ 491]  tsconfig.json
└── [478K]  yarn.lock

7 directories, 19 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!