mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-05 10:17:57 +00:00
4.4 KiB
4.4 KiB
CVE-2022-34918
Description
An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.
POC
Reference
- http://packetstormsecurity.com/files/168191/Kernel-Live-Patch-Security-Notice-LSN-0089-1.html
- http://packetstormsecurity.com/files/168543/Netfilter-nft_set_elem_init-Heap-Overflow-Privilege-Escalation.html
- http://www.openwall.com/lists/oss-security/2022/07/05/1
- https://lore.kernel.org/netfilter-devel/cd9428b6-7ffb-dd22-d949-d86f4869f452@randorisec.fr/T/#u
- https://www.openwall.com/lists/oss-security/2022/07/02/3
- https://www.randorisec.fr/crack-linux-firewall/
Github
- https://github.com/0xMarcio/cve
- https://github.com/0xStrygwyr/OSCP-Guide
- https://github.com/0xZipp0/OSCP
- https://github.com/0xsyr0/OSCP
- https://github.com/20142995/sectool
- https://github.com/ARPSyndicate/cvemon
- https://github.com/HaxorSecInfec/autoroot.sh
- https://github.com/IdanBanani/ELF-Injection-Shellcode-Bridgehead
- https://github.com/IdanBanani/ELF-Processs-Injection-Linux-Android
- https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits
- https://github.com/Ly0nt4r/OSCP
- https://github.com/Mr-xn/Penetration_Testing_POC
- https://github.com/NaInSec/CVE-PoC-in-GitHub
- https://github.com/SYRTI/POC_to_review
- https://github.com/Sechack06/CVE-2022-34918
- https://github.com/SenukDias/OSCP_cheat
- https://github.com/SirElmard/ethical_hacking
- https://github.com/Snoopy-Sec/Localroot-ALL-CVE
- https://github.com/WhooAmii/POC_to_review
- https://github.com/a-roshbaik/Linux-Privilege-Escalation-Exploits
- https://github.com/bsauce/kernel-exploit-factory
- https://github.com/bsauce/kernel-security-learning
- https://github.com/dkb4rb/KernelExploiting
- https://github.com/e-hakson/OSCP
- https://github.com/eljosep/OSCP-Guide
- https://github.com/exfilt/CheatSheet
- https://github.com/felixfu59/kernel-hack
- https://github.com/k0mi-tg/CVE-POC
- https://github.com/kdn111/linux-kernel-exploitation
- https://github.com/kgwanjala/oscp-cheatsheet
- https://github.com/khanhdn111/linux-kernel-exploitation
- https://github.com/khanhdz-06/linux-kernel-exploitation
- https://github.com/khanhdz191/linux-kernel-exploitation
- https://github.com/khanhhdz/linux-kernel-exploitation
- https://github.com/khanhhdz06/linux-kernel-exploitation
- https://github.com/khanhnd123/linux-kernel-exploitation
- https://github.com/klemakle/audit-pentest-BOX
- https://github.com/knd06/linux-kernel-exploitation
- https://github.com/lanleft/CVE-2023-1829
- https://github.com/lanleft/CVE2023-1829
- https://github.com/linulinu/CVE-2022-34918
- https://github.com/lions2012/Penetration_Testing_POC
- https://github.com/manas3c/CVE-POC
- https://github.com/merlinepedra/CVE-2022-34918-LPE-PoC
- https://github.com/merlinepedra25/CVE-2022-34918-LPE-PoC
- https://github.com/ndk06/linux-kernel-exploitation
- https://github.com/ndk191/linux-kernel-exploitation
- https://github.com/nitishbadole/oscp-note-3
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/purplewall1206/ERA-eBPF-assisted-Randomize-Allocator
- https://github.com/randorisec/CVE-2022-34918-LPE-PoC
- https://github.com/revanmalang/OSCP
- https://github.com/ssr-111/linux-kernel-exploitation
- https://github.com/taielab/awesome-hacking-lists
- https://github.com/tr3ss/gofetch
- https://github.com/trhacknon/CVE-2022-34918-LPE-PoC
- https://github.com/trhacknon/Pocingit
- https://github.com/txuswashere/OSCP
- https://github.com/veritas501/CVE-2022-34918
- https://github.com/whoforget/CVE-POC
- https://github.com/wkhnh06/linux-kernel-exploitation
- https://github.com/xairy/linux-kernel-exploitation
- https://github.com/xhref/OSCP
- https://github.com/xuetusummer/Penetration_Testing_POC
- https://github.com/youwizard/CVE-POC
- https://github.com/zecool/cve