CVE-2016-6516 PoC — Linux kernel race condition vulnerability

Source
Associated Vulnerability
Title: Linux kernel race condition vulnerability (CVE-2016-6516)
Description: Race condition in the ioctl_file_dedupe_range function in fs/ioctl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (heap-based buffer overflow) or possibly gain privileges by changing a certain count value, aka a "double fetch" vulnerability.
Description
A demonstration of how to exploit the double-fetch vulnerability CVE-2016-6516
Readme
# CVE-2016-6516-exploit
File Snapshot

[4.0K] /data/pocs/0bb013f82c1294dc7b48b7c76ab89413a5e10350
├── [ 426] cmd.txt
├── [4.0K] crash 1024
│   ├── [289K] 屏幕快照 2017-12-06 上午10.12.00.png
│   ├── [284K] 屏幕快照 2017-12-06 上午10.15.18.png
│   ├── [219K] 屏幕快照 2017-12-06 上午10.16.02.png
│   ├── [312K] 屏幕快照 2017-12-06 上午10.20.03.png
│   └── [394K] 屏幕快照 2017-12-06 上午10.21.15.png
├── [4.0K] crash 128
│   ├── [376K] 屏幕快照 2017-12-06 上午10.35.43.png
│   ├── [344K] 屏幕快照 2017-12-06 上午10.36.20.png
│   ├── [399K] 屏幕快照 2017-12-06 上午10.38.19.png
│   ├── [391K] 屏幕快照 2017-12-06 上午10.40.50.png
│   ├── [297K] 屏幕快照 2017-12-06 上午11.04.24.png
│   ├── [330K] 屏幕快照 2017-12-06 上午11.04.52.png
│   ├── [123K] 屏幕快照 2017-12-06 上午9.21.44.png
│   └── [230K] 屏幕快照 2017-12-06 上午9.40.25.png
├── [4.0K] crash65535
│   ├── [244K] 屏幕快照 2017-12-06 下午4.10.52.png
│   ├── [340K] 屏幕快照 2017-12-06 下午4.13.17.png
│   └── [391K] 屏幕快照 2017-12-06 下午4.14.05.png
├── [3.1M] CVE-2016-6516.docx
├── [3.6K] exploit.c
├── [ 18K] ioctl.c
├── [4.0K] pdf
│   ├── [1.4M] p1.eps
│   ├── [246K] p1.pdf
│   ├── [1.4M] p2.eps
│   ├── [239K] p2.pdf
│   ├── [1.6M] p3.eps
│   ├── [263K] p3.pdf
│   ├── [2.0M] p4.eps
│   ├── [329K] p4.pdf
│   ├── [1.2M] p5.eps
│   ├── [208K] p5.pdf
│   ├── [1.8M] p6.eps
│   ├── [287K] p6.pdf
│   ├── [1.9M] p7.eps
│   └── [328K] p7.pdf
├── [ 24] README.md
├── [ 40K] read_write.c
├── [4.0K] Scott Bauer
│   ├── [3.1K] doublefetch.c
│   └── [ 115] readme
└── [ 18M] syslog

5 directories, 39 files