mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-19 17:30:12 +00:00
2.8 KiB
2.8 KiB
CVE-2024-1086
Description
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT.We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660.
POC
Reference
- https://github.com/Notselwyn/CVE-2024-1086
- https://github.com/Notselwyn/CVE-2024-1086
- https://news.ycombinator.com/item?id=39828424
- https://news.ycombinator.com/item?id=39828424
- https://pwning.tech/nftables/
- https://pwning.tech/nftables/
Github
- https://github.com/0xsyr0/OSCP
- https://github.com/Alicey0719/docker-POC_CVE-2024-1086
- https://github.com/BachoSeven/stellestelline
- https://github.com/CCIEVoice2009/CVE-2024-1086
- https://github.com/EGI-Federation/SVG-advisories
- https://github.com/GhostTroops/TOP
- https://github.com/Hiimsonkul/Hiimsonkul
- https://github.com/Notselwyn/CVE-2024-1086
- https://github.com/Notselwyn/exploits
- https://github.com/Notselwyn/notselwyn
- https://github.com/Snoopy-Sec/Localroot-ALL-CVE
- https://github.com/TigerIsMyPet/KernelExploit
- https://github.com/YgorAlberto/ygoralberto.github.io
- https://github.com/Zombie-Kaiser/Zombie-Kaiser
- https://github.com/aneasystone/github-trending
- https://github.com/aobakwewastaken/aobakwewastaken
- https://github.com/bfengj/Cloud-Security
- https://github.com/brimstone/stars
- https://github.com/bsauce/kernel-exploit-factory
- https://github.com/bsauce/kernel-security-learning
- https://github.com/daphne97/daphne97
- https://github.com/fireinrain/github-trending
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://github.com/giterlizzi/secdb-feeds
- https://github.com/iakat/stars
- https://github.com/jafshare/GithubTrending
- https://github.com/jetblk/Flipper-Zero-JavaScript
- https://github.com/johe123qwe/github-trending
- https://github.com/kevcooper/CVE-2024-1086-checker
- https://github.com/makoto56/penetration-suite-toolkit
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/phixion/phixion
- https://github.com/rootkalilocalhost/CVE-2024-1086
- https://github.com/seekerzz/MyRSSSync
- https://github.com/tanjiti/sec_profile
- https://github.com/uhub/awesome-c
- https://github.com/unresolv/stars
- https://github.com/wuhanstudio/awesome-stars
- https://github.com/xairy/linux-kernel-exploitation