Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-0324 PoC — sonic-buildimage 安全漏洞

Source
https://github.com/ngtuonghung/CVE-2022-0324
Associated Vulnerability
Title:sonic-buildimage 安全漏洞 (CVE-2022-0324)
Description:sonic-buildimage是SONiC开源的一个库。为 SONiC 执行可安装二进制映像构建的脚本 sonic-buildimage 存在安全漏洞,该漏洞源于DHCPv6数据包解析代码中存在一个漏洞,攻击者利用该漏洞可以制作一个数据包,导致 memcpy 调用中的缓冲区溢出,从而导致内存写入越界,从而导致 dhcp6relay 崩溃。
Description
PoC for CVE-2022-0324: Buffer Overflow in dhcp6relay of SONiC
Readme
# cve-2022-0324

https://ngtuonghung.github.io/blog/research/cve-2022-0324/
File Snapshot

 [4.0K]  /data/pocs/e698fc0ab4398c37a59a724d0ec03b82743d559d
├── [ 283]  add_ipv6_addresses.sh
├── [1.3K]  Dockerfile
├── [ 563]  exploit.py
└── [  76]  README.md

1 directory, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.