Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-35001 PoC — Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability

Source
https://github.com/syedhafiz1234/nftables-oob-read-write-exploit-CVE-2023-35001-
Associated Vulnerability
Title:Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability (CVE-2023-35001)
Description:Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace
Description
nftables oob read/write exploit (CVE-2023-35001)
Readme
# nftables oob read/write exploit (CVE-2023-35001)

Exploit used at pwn2own Vancouver 2023 on Ubuntu desktop. The exploit supports
the kernel version available at the beginning of the event (5.19.0-35).

## Requirements

* C compiler
* Go compiler

## Usage

```
# Build
$ make

# Run
$ ./exploit
```

This produces a `lpe.zip` file which can be unpacked on the target. There are
two binaries in the archive:

- **wrapper**: A C binary used to enter namespaces
- **exploit**: The actual exploit

The `exploit` file is the program that should be executed. It uses the `wrapper`
program to call itself and enter a new namespace.
File Snapshot

 [4.0K]  /data/pocs/7ccd69d0c4ba75fa04c81fe6aea2c401e427e97d
├── [ 385]  go.mod
├── [ 14K]  go.sum
├── [ 34K]  main.go
├── [ 392]  Makefile
├── [ 627]  README.md
└── [4.0K]  src
    └── [1.4K]  wrapper.c

1 directory, 6 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →