mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
1.0 KiB
1.0 KiB
CVE-2017-3196
Description
PCAUSA Rawether framework does not properly validate BPF data, allowing a crafted malicious BPF program to perform operations on memory outside of its typical bounds on the driver's receipt of network packets. Local attackers can exploit this issue to execute arbitrary code with SYSTEM privileges.
POC
Reference
- http://blog.rewolf.pl/blog/?p=1778
- https://www.itsecuritynews.info/vuln-printing-communications-association-rawether-cve-2017-3196-local-privilege-escalation-vulnerability/
- https://www.kb.cert.org/vuls/id/600671
Github
No PoCs found on GitHub currently.