Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2015-3636 PoC — Linux kernel 权限许可和访问控制问题漏洞

Source
https://github.com/a7vinx/CVE-2015-3636
Associated Vulnerability
Title:Linux kernel 权限许可和访问控制问题漏洞 (CVE-2015-3636)
Description:The ping_unhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3 does not initialize a certain list data structure during an unhash operation, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) by leveraging the ability to make a SOCK_DGRAM socket system call for the IPPROTO_ICMP or IPPROTO_ICMPV6 protocol, and then making a connect system call after a disconnect.
Description
Expolit for android (goldfish kernel v3.10.0+) on arm64 with PXN&SELinux Bypassed. Based on fi01's code.
File Snapshot

 [4.0K]  /data/pocs/b0398e13f38e62f2c786408f8c8da68d23b3f011
├── [ 245]  Android.mk
├── [5.6K]  getroot.c
├── [5.7M]  Image
└── [ 21K]  poc.c

0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →