Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-2588 PoC — Linux kernel 安全漏洞

Source
https://github.com/pirenga/2022-LPE-UAF
Associated Vulnerability
Title:Linux kernel 安全漏洞 (CVE-2022-2588)
Description:It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.
Description
CVE-2022-2588,CVE-2022-2586,CVE-2022-2585
Readme
# 2022-LPE-UAF

Untested POC code


Security researchers discovered 3 vulnerabilities in the Linux kernel that could allow a local attacker to elevate privileges and potentially execute malicious code. The proof-of-concept code is publicly available increasing the likelihood of exploitation in the wild. 

##### Paper on Dirtycred by Zhenpeng
https://zplin.me/papers/DirtyCred-Zhenpeng.pdf

Patches for DirtyCred and the public release of the PoC https://github.com/Markakd/DirtyCred

CVE-2022-2585 - Linux kernel POSIX CPU timer UAF 'PoC' code source:
https://seclists.org/oss-sec/2022/q3/133

CVE-2022-2586 - Linux kernel nf_tables cross-table reference UAF 'PoC' code source:
https://seclists.org/oss-sec/2022/q3/131

Linux kernel cls_route UAF 'PoC' code source:
https://seclists.org/oss-sec/2022/q3/132
File Snapshot

 [4.0K]  /data/pocs/b37f7a18e4e69e1f076b2d9f117e0f7dcf8d6a9c
├── [ 977]  CVE-2022-2585.c
├── [5.3K]  CVE-2022-2586.c
├── [5.7K]  dirtycred.c
└── [ 809]  README.md

0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →