Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2019-13272 PoC — Linux kernel 权限许可和访问控制问题漏洞

Source
https://github.com/Tharana/Exploiting-a-Linux-kernel-vulnerability
Associated Vulnerability
Title:Linux kernel 权限许可和访问控制问题漏洞 (CVE-2019-13272)
Description:In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.
Description
Local Root vulnerability- CVE-2019-13272 / Security Bypass Vulnerability – CVE-2019-14287
Readme
# Exploiting-a-Linux-kernel-vulnerability - IT19159140

Local Root vulnerability- CVE-2019-13272 / Security Bypass Vulnerability – CVE-2019-14287

Absolutely, I always choose Linux vulnerability, but then I had to choose different vulnerability else because I didn't know two people could do the same thing And then Having learned of this, I chose a different vulnerability, But because I had already solved that. This will include the report I did before and the new one I did later I've decided to include it separately Because I can't throw it away. Please  request that you check  both vulnerability report and come up with an idea
File Snapshot

 [4.0K]  /data/pocs/94c68f9c836f626f40a39a253e01441c6879c917
├── [1.6M]  IT19159140 -Linux.pdf
└── [ 638]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →