CVE-2022-2639 PoC — Linux kernel 数字错误漏洞

Source

https://github.com/EkamSinghWalia/Detection-and-Mitigation-for-CVE-2022-2639

Associated Vulnerability

Title:Linux kernel 数字错误漏洞 (CVE-2022-2639)
Description:An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system.

Readme

# Detection-and-Mitigation-for-CVE-2022-2639

#Description

The Open vSwitch kernel module allows flexible userspace control over flow-level packet processing on selected network devices. It can be used to implement a plain Ethernet switch, network device bonding, VLAN processing, network access control, flow-based network control etc. It is recommended to disable this kernel module if not in use, to prevent attacks

## Installation

```bash
wget https://github.com/EkamSinghWalia/Detection-and-Mitigation-for-CVE-2022-2639.git
```
    
## Usage

```bash
  ./CVE2022-2639.sh 
```

File Snapshot


 [4.0K]  /data/pocs/510968991cfdaad09d3a37ecbcdc9caf85390f1b
├── [ 793]  CVE2022-2639.sh
├── [1.0K]  LICENSE
└── [ 584]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!