mirror of
https://github.com/0xMarcio/cve.git
synced 2025-12-30 04:49:42 +00:00
2.9 KiB
2.9 KiB
CVE-2021-33909
Description
fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.
POC
Reference
- http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html
- http://packetstormsecurity.com/files/163671/Kernel-Live-Patch-Security-Notice-LSN-0079-1.html
- http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html
- http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4
- https://www.openwall.com/lists/oss-security/2021/07/20/1
- https://www.oracle.com/security-alerts/cpujan2022.html
Github
- https://github.com/20142995/sectool
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ChoKyuWon/exploit_articles
- https://github.com/ChrisTheCoolHut/CVE-2021-33909
- https://github.com/EGI-Federation/SVG-advisories
- https://github.com/H0j3n/EzpzCheatSheet
- https://github.com/Liang2580/CVE-2021-33909
- https://github.com/Mr-xn/Penetration_Testing_POC
- https://github.com/baerwolf/cve-2021-33909
- https://github.com/bbinfosec43/CVE-2021-33909
- https://github.com/gitezri/LinuxVulnerabilities
- https://github.com/hac425xxx/heap-exploitation-in-real-world
- https://github.com/hardenedvault/ved
- https://github.com/huike007/penetration_poc
- https://github.com/joydo/CVE-Writeups
- https://github.com/kaosagnt/ansible-everyday
- https://github.com/kdn111/linux-kernel-exploitation
- https://github.com/khanhdn111/linux-kernel-exploitation
- https://github.com/khanhdz-06/linux-kernel-exploitation
- https://github.com/khanhdz191/linux-kernel-exploitation
- https://github.com/khanhhdz/linux-kernel-exploitation
- https://github.com/khanhhdz06/linux-kernel-exploitation
- https://github.com/khanhnd123/linux-kernel-exploitation
- https://github.com/knd06/linux-kernel-exploitation
- https://github.com/knewbury01/codeql-workshop-integer-conversion
- https://github.com/lions2012/Penetration_Testing_POC
- https://github.com/makoto56/penetration-suite-toolkit
- https://github.com/ndk191/linux-kernel-exploitation
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/sfowl/deep-directory
- https://github.com/ssr-111/linux-kernel-exploitation
- https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-
- https://github.com/xairy/linux-kernel-exploitation
- https://github.com/xuetusummer/Penetration_Testing_POC