CVE-2022-34918 PoC — Linux kernel 安全漏洞

Source

https://github.com/merlinepedra/CVE-2022-34918-LPE-PoC

Associated Vulnerability

Title:Linux kernel 安全漏洞 (CVE-2022-34918)
Description:Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。netfilter是一款使用在Linux系统中的数据包过滤框架。 Linux kernel 5.18.9版本及之前版本存在安全漏洞，该漏洞源于。本地攻击者利用该漏洞使用 nft_set_elem_init 中的类型混淆错误（导致缓冲区溢出）来提升权限。

Readme

# CVE-2022-34918 LPE PoC

LPE exploit for CVE-2022-34918.
This exploit has been written for the kernel `Linux ubuntu 5.15.0-39-generic`

You can find the associated write-up on our [blog](https://randorisec.fr/crack-linux-firewall/)

## Usage

`get_root` should be in the current folder

```
$ ls
get_root poc
$ ./poc
```

File Snapshot


 [4.0K]  /data/pocs/ff428273a2be54dd17c6c0259c798849c69d9f59
├── [4.0K]  get_root_src
│   └── [ 227]  get_root.c
├── [4.0K]  inc
│   ├── [1.2K]  keyring.h
│   ├── [ 158]  log.h
│   ├── [ 163]  modprobe.h
│   ├── [1020]  netlink.h
│   ├── [ 599]  nf_tables.h
│   ├── [ 587]  simple_xattr.h
│   ├── [ 700]  uring.h
│   └── [ 209]  util.h
├── [ 444]  Makefile
├── [ 322]  README.md
└── [4.0K]  src
    ├── [3.5K]  keyring.c
    ├── [4.0K]  main.c
    ├── [2.6K]  modprobe.c
    ├── [3.5K]  netlink.c
    ├── [ 12K]  nf_tables.c
    ├── [1.4K]  simple_xattr.c
    ├── [1.3K]  uring.c
    └── [1.8K]  util.c

3 directories, 19 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!