Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-2639 PoC — Linux kernel 数字错误漏洞

Source
https://github.com/Threekiii/Awesome-POC/blob/master/%E6%93%8D%E4%BD%9C%E7%B3%BB%E7%BB%9F%E6%BC%8F%E6%B4%9E/Linux%20openvswitch%20%E6%9D%83%E9%99%90%E6%8F%90%E5%8D%87%E6%BC%8F%E6%B4%9E%20CVE-2022-2639.md
Associated Vulnerability
Title:Linux kernel 数字错误漏洞 (CVE-2022-2639)
Description:Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在数字错误漏洞,该漏洞源于在 openvswitch 内核模块中发现整数强制错误。 给定足够多的操作,在为新流的新操作复制和保留内存时,reserve_sfa_size() 函数不会按预期返回 -EMSGSIZE,这可能会导致越界写入访问。 此漏洞允许本地用户崩溃或可能提升他们在系统上的权限。
File Snapshot

 # Linux openvswitch 权限提升漏洞 CVE-2022-2639

## 漏洞描述

由于 openvswitch 模块在处理大量actions的情况下,可能存在越界写入漏洞,本地经过

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.