CVE-2022-2588 PoC — Linux kernel security vulnerability

Source
Associated Vulnerability
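Title: Linux kernel security vulnerability (CVE-2022-2588)
Description: The Linux kernel is the kernel used by Linux, the open-source operating system of the US-based Linux Foundation. A security vulnerability exists in the Linux kernel's route4_change. The vulnerability stems from a use-after-free and allows a local privileged attacker to crash the system, possibly leading to local privilege escalation.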
Readme
# CVE-2022-2588
Exploit code adapted to run on a single CPU, with a Vagrantfile provided to boot a vulnerable machine for educational purposes.


To create a vulnerable machine, you need to have [Vagrant](https://www.vagrantup.com/) installed on your machine, then run the following from the repository root:
   ```sh
   vagrant up
   ```
Wait for installation and boot to finish, then:
   ```sh
   vagrant ssh
   ```

Inside the VM:
   ```sh
   cd CVE-2022-2588/ && gcc ./exploit.c -o exploit -lpthread 
   ./exploit
   ```
Then:
   ```sh
   su ensimag
   password:  #ensimag
   #
   ```
The original exploit code is [here](https://github.com/Markakd/CVE-2022-2588).

To prevent the exploit, try uncommenting lines 15 and 18 and restarting the process.


File Snapshot

[4.0K] /data/pocs/ae7c21ff367ecea5230e217816de070a6ad06e17
├── [ 261] CMakeLists.txt
├── [ 22K] exploit.c
├── [ 729] README.md
└── [1.6K] Vagrantfile

0 directories, 4 files