CVE-2020-15780 PoC — Linux kernel 安全漏洞

Source

https://github.com/Annavid/CVE-2020-15780-exploit

Associated Vulnerability

Title:Linux kernel 安全漏洞 (CVE-2020-15780)
Description:Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。 Linux kernel 5.7.7之前版本中的drivers/acpi/acpi_configfs.c文件存在安全漏洞。攻击者可通过configfs注入恶意ACPI表利用该漏洞绕过锁定和安全启动限制。

Readme

## American Unsigned Language
#### by zx2c4

These are two exploits to disable kernel lockdown via ACPI table injection.

`american-unsigned-language.sh` is for Ubuntu 18.04 Bionic's 4.15 kernel with their custom patches and uses one technique. [CVE-2019-20908](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20908).

`american-unsigned-language-2.sh` is for mainline/upstream kernels and uses a different technique. [CVE-2020-15780](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15780).

Explanation is in the headers of each script.

![Demo](https://git.zx2c4.com/american-unsigned-language/blob/demo.gif)

File Snapshot


 [4.0K]  /data/pocs/8e64deb3a9989e391a5b55e7b0b0fe173b5eb02b
├── [4.5K]  american-unsigned-language-2.sh
├── [6.0K]  american-unsigned-language.sh
├── [206K]  demo.gif
└── [ 627]  README.md

0 directories, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!