CVE-2013-2072 PoC — Xen ‘xc_vcpu_setaffinity()’函数缓冲区溢出漏洞

Source

https://github.com/bl4ck5un/cve-2013-2072

Associated Vulnerability

Title:Xen ‘xc_vcpu_setaffinity()’函数缓冲区溢出漏洞 (CVE-2013-2072)
Description:Xen是英国剑桥大学开发的一款开源的虚拟机监视器产品。该产品能够使不同和不兼容的操作系统运行在同一台计算机上，并支持在运行时进行迁移，保证正常运行并且避免宕机。 Xen 4.0.x，4.1.x以及4.2.x版本中的xc_vcpu_setaffinity调用的Python绑定中存在缓冲区溢出漏洞。拥有本地管理员权限和配置VCPU亲合力权限的攻击者可借助特制的cpumap，利用该漏洞造成拒绝服务（内存破坏以及xend toolstack崩溃）。

Description

Buffer overflow in the Python bindings for the xc_vcpu_setaffinity call in Xen

File Snapshot


 [4.0K]  /data/pocs/ddef1eaf42a3e45e7cc785547f63234582567fb4
├── [ 208]  command
├── [4.0K]  CVE2072
│   ├── [1.2K]  getinfo.txt
│   ├── [4.0K]  git
│   ├── [4.0K]  invokation
│   │   ├── [1.3K]  invoke-1.py
│   │   ├── [3.7K]  Invoke-2.py
│   │   ├── [1.1K]  result.txt
│   │   ├── [1.5K]  target.c
│   │   └── [ 903]  test.py
│   ├── [1.1K]  On meeting.txt
│   ├── [ 96K]  xc.c
│   ├── [1.7K]  xsa56.patch
│   └── [ 18K]  漏洞分组.docx
├── [4.0K]  exploit
│   ├── [ 130]  asm.c
│   ├── [ 396]  test-chunk.c
│   ├── [ 977]  test-get-info.py
│   └── [ 800]  try_free.c
├── [  18]  get_log.sh -> scripts/get_log.sh
├── [4.0K]  patch
│   ├── [   0]  Dec13.22
│   └── [4.5K]  Dec13.22:39.patch
├── [4.0K]  ref
│   └── [162K]  malloc.c
├── [4.0K]  report
│   ├── [6.5K]  heap.c
│   ├── [9.4K]  heap-overflow.tex
│   └── [  35]  Makefile
├── [4.0K]  result
│   ├── [  17]  heap_dump.dat
│   ├── [2.4K]  result.txt
│   ├── [ 373]  user.log
│   └── [ 27K]  xend.log
└── [4.0K]  scripts
    ├── [ 158]  get_log.sh
    └── [ 229]  install-essential.sh

9 directories, 28 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!