CVE-2022-2639 PoC — Linux kernel 数字错误漏洞

Source

https://github.com/EkamSinghWalia/Detection-and-Mitigation-for-CVE-2022-2639

Associated Vulnerability

Title:Linux kernel 数字错误漏洞 (CVE-2022-2639)
Description:Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在数字错误漏洞，该漏洞源于在 openvswitch 内核模块中发现整数强制错误。给定足够多的操作，在为新流的新操作复制和保留内存时，reserve_sfa_size() 函数不会按预期返回 -EMSGSIZE，这可能会导致越界写入访问。此漏洞允许本地用户崩溃或可能提升他们在系统上的权限。

Readme

# Detection-and-Mitigation-for-CVE-2022-2639

#Description

The Open vSwitch kernel module allows flexible userspace control over flow-level packet processing on selected network devices. It can be used to implement a plain Ethernet switch, network device bonding, VLAN processing, network access control, flow-based network control etc. It is recommended to disable this kernel module if not in use, to prevent attacks

## Installation

```bash
wget https://github.com/EkamSinghWalia/Detection-and-Mitigation-for-CVE-2022-2639.git
```
    
## Usage

```bash
  ./CVE2022-2639.sh 
```

File Snapshot


 [4.0K]  /data/pocs/510968991cfdaad09d3a37ecbcdc9caf85390f1b
├── [ 793]  CVE2022-2639.sh
├── [1.0K]  LICENSE
└── [ 584]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!