Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2017-1000112 PoC — Linux kernel 安全漏洞

Source
https://github.com/ol0273st-s/CVE-2017-1000112-Adpated
Associated Vulnerability
Title:Linux kernel 安全漏洞 (CVE-2017-1000112)
Description:Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE __ip_append_data() calls ip_ufo_append_data() to append. However in between two send() calls, the append path can be switched from UFO to non-UFO one, which leads to a memory corruption. In case UFO packet lengths exceeds MTU, copy = maxfraglen - skb->len becomes negative on the non-UFO path and the branch to allocate new skb is taken. This triggers fragmentation and computation of fraggap = skb_prev->len - maxfraglen. Fraggap can exceed MTU, causing copy = datalen - transhdrlen - fraggap to become negative. Subsequently skb_copy_and_csum_bits() writes out-of-bounds. A similar issue is present in IPv6 code. The bug was introduced in e89e9cf539a2 ("[IPv4/IPv6]: UFO Scatter-gather approach") on Oct 18 2005.
Description
POE code for CVE-2017-1000112 adapted to both funtion on a specific VM and Escape a Docker
Readme
# CVE-2017-1000112-Adpated
POE code for CVE-2017-1000112 adapted to both funtion on a specific VM and Escape a Docker
File Snapshot

 [4.0K]  /data/pocs/2598b0842639ce239b2fb75c463e68e819817cac
├── [ 24K]  Exploit.c
└── [ 118]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →