Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-3609 PoC — Use-after-free in Linux kernel's net/sched: cls_u32 component

Source
https://github.com/Jturnxd/CVE-2023-3609
Associated Vulnerability
Title:Use-after-free in Linux kernel's net/sched: cls_u32 component (CVE-2023-3609)
Description:A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability. We recommend upgrading past commit 04c55383fa5689357bcdd2c8036725a55ed632bc.
File Snapshot

 [4.0K]  /data/pocs/8725e44d5463ca06e75e8b8be710dbda727e3b6c
├── [4.0K]  docs
│   ├── [7.4K]  exploit.md
│   └── [ 980]  vulnerability.md
├── [4.0K]  exploit
│   ├── [4.0K]  cos-97-16919.294.28
│   │   ├── [ 17M]  bzImage
│   │   ├── [938K]  exploit
│   │   ├── [ 608]  foo.o
│   │   ├── [ 262]  foo.s
│   │   ├── [1.2K]  ip0
│   │   ├── [ 152]  ip1
│   │   ├── [ 398]  Makefile
│   │   ├── [1.5M]  poc
│   │   ├── [ 528]  POC
│   │   ├── [9.3K]  poc.c
│   │   ├── [937K]  poc.tar.gz
│   │   ├── [862K]  root
│   │   ├── [1.0K]  root.c
│   │   ├── [  78]  run.sh
│   │   ├── [3.8K]  sc.h
│   │   └── [2.2K]  sc.py
│   └── [4.0K]  mitigation-6.1
│       ├── [737K]  exploit
│       ├── [ 608]  foo.o
│       ├── [ 262]  foo.s
│       ├── [1.2K]  ip0
│       ├── [ 152]  ip1
│       ├── [ 398]  Makefile
│       ├── [964K]  poc
│       ├── [ 528]  POC
│       ├── [8.9K]  poc.c
│       ├── [736K]  poc.tar.gz
│       ├── [862K]  root
│       ├── [1.0K]  root.c
│       ├── [  78]  run.sh
│       ├── [3.8K]  sc.h
│       └── [2.3K]  sc.py
├── [1.2K]  metadata.json
└── [ 37M]  original.tar.gz

4 directories, 35 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →