CVE-2023-0386 PoC — Linux kernel 安全漏洞

Source

https://github.com/xkaneiki/CVE-2023-0386

Associated Vulnerability

Title:Linux kernel 安全漏洞 (CVE-2023-0386)
Description:Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞，该漏洞源于在 Linux kernel的 OverlayFS 子系统中发现了未经授权访问，用户可以将一个有执行能力的文件从一个 nosuid 挂载复制到另一个挂载，这个 uid 映射错误允许用户升级他们在系统上的权限。

Description

CVE-2023-0386在ubuntu22.04上的提权

Readme

# 编译
```bash
make all
```
# 使用
启动两个终端，在第一个终端中输入
```bash
./fuse ./ovlcap/lower ./gc
```
在第二个终端输入
```bash
./exp
```
# 效果
提权效果
![展示效果](./result.jpeg)

File Snapshot


 [4.0K]  /data/pocs/f5043771b854db47850dd23a484ca0ce978797e1
├── [3.0K]  exp.c
├── [5.5K]  fuse.c
├── [ 549]  getshell.c
├── [ 150]  Makefile
├── [4.0K]  ovlcap
├── [ 222]  README.md
└── [4.0K]  test
    ├── [ 10K]  fuse_test.c
    ├── [ 16K]  mnt
    └── [1.5K]  mnt.c

2 directories, 8 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!