CVE-2018-6242 PoC — NVIDIA Tegra移动处理器BootROM Recovery Mode 缓冲区错误漏洞

Source

Associated Vulnerability

Title:NVIDIA Tegra移动处理器BootROM Recovery Mode 缓冲区错误漏洞 (CVE-2018-6242)
Description:NVIDIA Tegra mobile processors是美国英伟达（NVIDIA）公司的一款中央处理器产品。BootROM Recovery Mode（RCM）是其中的一个能够对数据进行修改的工程模式组件。 NVIDIA Tegra移动处理器2016之前版本中的RCM存在缓冲区溢出漏洞。攻击者可利用该漏洞执行未验证的代码。

Description

Implementation of CVE-2018-6242 (AKA Fusée Gelée, AKA shofel2)

Readme

This repository contains the source code for the fusee-toy project, 
my basic implementation of CVE-2018-6242 (AKA Fusée Gelée, AKA shofel2.) It was written in January 2021 to better my knowledge of the vulnerability.

This implementation has been built using the [fusee-nano](https://github.com/DavidBuchanan314/fusee-nano) and
[fusee-launcher](https://github.com/Qyriad/fusee-launcher) projects as reference. 
It is built to work on modern Linux environments.

File Snapshot


 [4.0K]  /data/pocs/5ab33a32775f25c959d5af3e427925ef780fe2df
├── [ 385]  CMakeLists.txt
├── [ 34K]  LICENSE
├── [1.7K]  main.cpp
├── [4.4K]  PayloadConstructor.cpp
├── [2.8K]  PayloadConstructor.h
├── [ 463]  README.md
├── [1.2K]  UsbComms.cpp
├── [2.8K]  UsbComms.h
├── [5.7K]  UsbCommsLinux.cpp
└── [2.1K]  UsbCommsLinux.h

0 directories, 10 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!