CVE-2021-4154 PoC — Linux kernel 资源管理错误漏洞

Source

https://github.com/veritas501/CVE-2021-4154

Associated Vulnerability

Title:Linux kernel 资源管理错误漏洞 (CVE-2021-4154)
Description:Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel 存在资源管理错误漏洞，该漏洞源于 Linux kernel 的 cgroup v1 解析器中 kernel/cgroup/cgroup-v1.c 中的 cgroup1_parse_param() 函数中的 use-after-free 错误。本地用户可以通过 fsconfig syscall 参数执行任意代码，导致容器突破。该漏洞允许本地用户提升系统权限。

Description

CVE-2021-4154

Readme

# CVE-2021-4154

![](success.png)

File Snapshot


 [4.0K]  /data/pocs/513d7941d39e12aef22249dbcae1c3815fc24a60
├── [ 271]  boot.sh
├── [9.1M]  bzImage
├── [125K]  config
├── [909K]  exp
├── [6.9K]  exp.c
├── [ 157]  Makefile
├── [  34]  README.md
├── [5.4M]  rootfs.cpio
└── [ 31K]  success.png

0 directories, 9 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!