CVE-2024-0582 PoC — Kernel: io_uring: page use-after-free vulnerability via buffer ring mmap

Associated Vulnerability
Title: Kernel: io_uring: page use-after-free vulnerability via buffer ring mmap (CVE-2024-0582)
Description: A memory leak flaw was found in the Linux kernel’s io_uring functionality in how a user registers a buffer ring with IORING_REGISTER_PBUF_RING, mmap() it, and then frees it. This flaw allows a local user to crash or potentially escalate their privileges on the system.
Readme
# PoC for CVE-2024-0582

While learning about the io_uring interface, I decided to create a PoC for [CVE-2024-0582](https://nvd.nist.gov/vuln/detail/CVE-2024-0582). All of this work is derived directly from the CVE information, the [patch](https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c392cbecd8eca4c53f2bf508731257d9d0a21c2d) and a few other write-ups related to io_uring -- particularly Chompie's write-up of [CVE-2021-41073](https://chomp.ie/Blog+Posts/Put+an+io_uring+on+it+-+Exploiting+the+Linux+Kernel).
