Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2017-11176 PoC — Linux kernel 安全漏洞

Source
https://github.com/leonardo1101/cve-2017-11176
Associated Vulnerability
Title:Linux kernel 安全漏洞 (CVE-2017-11176)
Description:The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact.
Readme
# cve-2017-11176
<h3> Public Information </h3>
<p>The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact.</p>

<b>Status:</b>
- [x] Force netlink_attachskb() to return 1
- [x] Unblock the exploit thread
- [x] Force the second fget() call to return NULL
- [ ] Create the exploit

<b>Reference:</b>
[A step-by-step Linux Kernel exploitation](https://blog.lexfo.fr/cve-2017-11176-linux-kernel-exploitation-part1.html)
File Snapshot

 [4.0K]  /data/pocs/31f088b6a31403c4706a920120e115b8a36e82b5
├── [7.6K]  exploit.c
├── [3.2K]  mqnotify.stp
└── [ 644]  README.md

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →