admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-11-30 18:56:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2021/CVE-2021-33909.md
0xMarcio 8654f5abb7 Update CVE sources 2024-08-11 18:44
2024-08-11 18:44:53 +00:00

59 lines
3.0 KiB
Markdown
Raw Blame History

### [CVE-2021-33909](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33909)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
### Description
fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.
### POC
#### Reference
- http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html
- http://packetstormsecurity.com/files/163671/Kernel-Live-Patch-Security-Notice-LSN-0079-1.html
- http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html
- http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4
- https://www.openwall.com/lists/oss-security/2021/07/20/1
- https://www.oracle.com/security-alerts/cpujan2022.html
#### Github
- https://github.com/20142995/sectool
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ChoKyuWon/exploit_articles
- https://github.com/ChrisTheCoolHut/CVE-2021-33909
- https://github.com/EGI-Federation/SVG-advisories
- https://github.com/H0j3n/EzpzCheatSheet
- https://github.com/Liang2580/CVE-2021-33909
- https://github.com/Mr-xn/Penetration_Testing_POC
- https://github.com/baerwolf/cve-2021-33909
- https://github.com/bbinfosec43/CVE-2021-33909
- https://github.com/gitezri/LinuxVulnerabilities
- https://github.com/hac425xxx/heap-exploitation-in-real-world
- https://github.com/hardenedvault/ved
- https://github.com/huike007/penetration_poc
- https://github.com/joydo/CVE-Writeups
- https://github.com/kaosagnt/ansible-everyday
- https://github.com/kdn111/linux-kernel-exploitation
- https://github.com/khanhdn111/linux-kernel-exploitation
- https://github.com/khanhdz-06/linux-kernel-exploitation
- https://github.com/khanhdz191/linux-kernel-exploitation
- https://github.com/khanhhdz/linux-kernel-exploitation
- https://github.com/khanhhdz06/linux-kernel-exploitation
- https://github.com/khanhnd123/linux-kernel-exploitation
- https://github.com/knd06/linux-kernel-exploitation
- https://github.com/knewbury01/codeql-workshop-integer-conversion
- https://github.com/lions2012/Penetration_Testing_POC
- https://github.com/makoto56/penetration-suite-toolkit
- https://github.com/ndk06/linux-kernel-exploitation
- https://github.com/ndk191/linux-kernel-exploitation
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/sfowl/deep-directory
- https://github.com/ssr-111/linux-kernel-exploitation
- https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-
- https://github.com/wkhnh06/linux-kernel-exploitation
- https://github.com/xairy/linux-kernel-exploitation
- https://github.com/xuetusummer/Penetration_Testing_POC
Reference in New Issue View Git Blame Copy Permalink