CVE-2021-4154 PoC — Linux kernel 资源管理错误漏洞

Source

https://github.com/Markakd/CVE-2021-4154

Associated Vulnerability

Title:Linux kernel 资源管理错误漏洞 (CVE-2021-4154)
Description:Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel 存在资源管理错误漏洞，该漏洞源于 Linux kernel 的 cgroup v1 解析器中 kernel/cgroup/cgroup-v1.c 中的 cgroup1_parse_param() 函数中的 use-after-free 错误。本地用户可以通过 fsconfig syscall 参数执行任意代码，导致容器突破。该漏洞允许本地用户提升系统权限。

Description

CVE-2021-4154 exploit

Readme

# CVE-2021-4154

This bug was fix in https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b0462726e7ef281c35a7a4ae33e93ee2bc9975b

This exploit works on most pre-patch kernels for:

* CentOS 8 kernels higher than linux-4.18.0-305.el8
* Debian 11 kernels higher than 5.10.0-8
* Fedora 31/32/33 kernels higher than 5.3.7-301.fc31
* Ubuntu 18/20 kernels higher than 5.4.0-84 and 5.11.0-37.41

Please feel free to send a PR to update README if you find it could work on other kernels.

File Snapshot


 [4.0K]  /data/pocs/b1533ae2310cccaff945f9984a41dbe1125773a2
├── [7.2K]  exp.c
├── [ 18K]  kctf_exp.c
├── [ 507]  README.md
└── [ 15K]  WRITEUP.md

0 directories, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!