linux-kernel-exploits

linux-kernel-exploits Linux平台提权漏洞集合

5,233

1,741

5,233

View on GitHub

Top Related Projects

paper_collection

1,214

Academic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read

Quick Overview

SecWiki/linux-kernel-exploits is a GitHub repository that collects various Linux kernel exploits. It serves as a comprehensive resource for security researchers, penetration testers, and system administrators to understand and mitigate potential vulnerabilities in Linux systems. The repository includes exploits for different kernel versions and security flaws.

Pros

Extensive collection of Linux kernel exploits in one place
Regularly updated with new exploits and vulnerabilities
Valuable resource for security professionals and researchers
Includes exploits for various kernel versions and distributions

Cons

Could potentially be misused by malicious actors
Some exploits may be outdated or no longer applicable to current kernel versions
Lacks detailed explanations or mitigation strategies for each exploit
May require advanced knowledge to understand and use effectively

Note: As this is not a code library but rather a collection of exploits, the code example and quick start sections have been omitted as per the instructions.

Competitor Comparisons

paper_collection

1,214

Academic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read

Pros of paper_collection

Broader scope, covering various security topics beyond just Linux kernel exploits
Organized collection of academic papers and research materials
Regularly updated with new content and resources

Cons of paper_collection

Less focused on practical exploit code and implementation details
May require more technical background to fully understand the content
Not as directly applicable for immediate use in penetration testing or exploit development

Code comparison

While a direct code comparison is not relevant for these repositories, we can compare the structure of their content:

paper_collection:

📁 Exploitation
  📁 Return Oriented Programming
    📄 The Geometry of Innocent Flesh on the Bone.pdf
    📄 ...

linux-kernel-exploits:

📁 2017
  📁 CVE-2017-1000112
    📄 exploit.c
    📄 README.md

The paper_collection repository focuses on organizing research papers, while linux-kernel-exploits provides ready-to-use exploit code for specific vulnerabilities.

Convert designs to code with AI

Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.

Try Visual Copilot

README

linux-kernel-exploits

ç®ä»

linux-kernel-exploits

æ¼æ´åè¡¨

#CVEãã#Descriptionãã#Kernels

CVEâ2018â18955ãã[map_write() in kernel/user_namespace.c allows privilege escalation]
(Linux kernel 4.15.x through 4.19.x before 4.19.2)
CVEâ2018â1000001ãã[glibc]
(glibc <= 2.26)
CVE-2017-1000367ãã[Sudo] (Sudo 1.8.6p7 - 1.8.20)
CVE-2017-1000112ãã[a memory corruption due to UFO to non-UFO path switch]
CVE-2017-16995ãã[Memory corruption caused by BPF verifier] (Linux kernel before 4.14 - 4.4)
CVE-2017-16939ãã[UAF in Netlink socket subsystem â XFRM] (Linux kernel before 4.13.11)
CVE-2017-7494ãã[Samba Remote execution]
(Samba 3.5.0-4.6.4/4.5.10/4.4.14)
CVE-2017-7308ãã[a signedness issue in AF_PACKET sockets]
(Linux kernel through 4.10.6)
CVE-2017-6074ãã[a double-free in DCCP protocol]
(Linux kernel through 4.9.11)
CVE-2017-5123ãã['waitid()']
(Kernel 4.14.0-rc4+)
CVE-2016-9793ãã[a signedness issue with SO_SNDBUFFORCE and SO_RCVBUFFORCE socket options]
(Linux kernel before 4.8.14)
CVE-2016-5195ãã[Dirty cow]
(Linux kernel>2.6.22 (released in 2007))
CVE-2016-2384ãã[a double-free in USB MIDI driver]
(Linux kernel before 4.5)
CVE-2016-0728ãã[pp_key]
(3.8.0, 3.8.1, 3.8.2, 3.8.3, 3.8.4, 3.8.5, 3.8.6, 3.8.7, 3.8.8, 3.8.9, 3.9, 3.10, 3.11, 3.12, 3.13, 3.4.0, 3.5.0, 3.6.0, 3.7.0, 3.8.0, 3.8.5, 3.8.6, 3.8.9, 3.9.0, 3.9.6, 3.10.0, 3.10.6, 3.11.0, 3.12.0, 3.13.0, 3.13.1)
CVE-2015-7547ãã[glibc getaddrinfo]
(before Glibc 2.9)
CVE-2015-1328ãã[overlayfs]
(3.13, 3.16.0, 3.19.0)
CVE-2014-5284ãã[OSSEC]
(2.8)
CVE-2014-4699ãã[ptrace]
(before 3.15.4)
CVE-2014-4014ãã[Local Privilege Escalation]
(before 3.14.8)
CVE-2014-3153ãã[futex]
(3.3.5 ,3.3.4 ,3.3.2 ,3.2.13 ,3.2.9 ,3.2.1 ,3.1.8 ,3.0.5 ,3.0.4 ,3.0.2 ,3.0.1 ,2.6.39 ,2.6.38 ,2.6.37 ,2.6.35 ,2.6.34 ,2.6.33 ,2.6.32 ,2.6.9 ,2.6.8 ,2.6.7 ,2.6.6 ,2.6.5 ,2.6.4 ,3.2.2 ,3.0.18 ,3.0 ,2.6.8.1)
CVE-2014-0196ãã[rawmodePTY]
(2.6.31, 2.6.32, 2.6.33, 2.6.34, 2.6.35, 2.6.36, 2.6.37, 2.6.38, 2.6.39, 3.14, 3.15)
CVE-2014-0038ãã[timeoutpwn]
(3.4, 3.5, 3.6, 3.7, 3.8, 3.8.9, 3.9, 3.10, 3.11, 3.12, 3.13, 3.4.0, 3.5.0, 3.6.0, 3.7.0, 3.8.0, 3.8.5, 3.8.6, 3.8.9, 3.9.0, 3.9.6, 3.10.0, 3.10.6, 3.11.0, 3.12.0, 3.13.0, 3.13.1)
CVE-2013-2094ãã[perf_swevent]
(3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.1.0, 3.2, 3.3, 3.4.0, 3.4.1, 3.4.2, 3.4.3, 3.4.4, 3.4.5, 3.4.6, 3.4.8, 3.4.9, 3.5, 3.6, 3.7, 3.8.0, 3.8.1, 3.8.2, 3.8.3, 3.8.4, 3.8.5, 3.8.6, 3.8.7, 3.8.8, 3.8.9)
CVE-2013-1858ãã[clown-newuser]
(3.3-3.8)
CVE-2013-1763ãã[__sock_diag_rcv_msg]
(before 3.8.3)
CVE-2013-0268ãã[msr]
(2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34, 2.6.35, 2.6.36, 2.6.37, 2.6.38, 2.6.39, 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.1.0, 3.2, 3.3, 3.4, 3.5, 3.6, 3.7.0, 3.7.6)
CVE-2012-3524ãã[libdbus]
(libdbus 1.5.x and earlier)
CVE-2012-0056ãã[memodipper]
(2.6.39, 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.1.0)
CVE-2010-4347ãã[american-sign-language]
( 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34, 2.6.35, 2.6.36)
CVE-2010-4258ãã[full-nelson]
(2.6.31, 2.6.32, 2.6.35, 2.6.37)
CVE-2010-4073ãã[half_nelson]
(2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34, 2.6.35, 2.6.36)
CVE-2010-3904ãã[rds]
(2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34, 2.6.35, 2.6.36)
CVE-2010-3437ãã[pktcdvd]
(2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34, 2.6.35, 2.6.36)
CVE-2010-3301ãã[ptrace_kmod2]
(2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34)
CVE-2010-3081ãã[video4linux]
(2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33)
CVE-2010-2959ãã[can_bcm]
(2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34, 2.6.35, 2.6.36)
CVE-2010-1146ãã[reiserfs]
(2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34)
CVE-2010-0415ãã[do_pages_move]
(2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31)
CVE-2009-3547ãã[pipe.c_32bit]
(2.4.4, 2.4.5, 2.4.6, 2.4.7, 2.4.8, 2.4.9, 2.4.10, 2.4.11, 2.4.12, 2.4.13, 2.4.14, 2.4.15, 2.4.16, 2.4.17, 2.4.18, 2.4.19, 2.4.20, 2.4.21, 2.4.22, 2.4.23, 2.4.24, 2.4.25, 2.4.26, 2.4.27, 2.4.28, 2.4.29, 2.4.30, 2.4.31, 2.4.32, 2.4.33, 2.4.34, 2.4.35, 2.4.36, 2.4.37, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31)
CVE-2009-2698ãã[udp_sendmsg_32bit]
(2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19)
CVE-2009-2692ãã[sock_sendpage]
(2.4.4, 2.4.5, 2.4.6, 2.4.7, 2.4.8, 2.4.9, 2.4.10, 2.4.11, 2.4.12, 2.4.13, 2.4.14, 2.4.15, 2.4.16, 2.4.17, 2.4.18, 2.4.19, 2.4.20, 2.4.21, 2.4.22, 2.4.23, 2.4.24, 2.4.25, 2.4.26, 2.4.27, 2.4.28, 2.4.29, 2.4.30, 2.4.31, 2.4.32, 2.4.33, 2.4.34, 2.4.35, 2.4.36, 2.4.37, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30)
CVE-2009-2692ãã[sock_sendpage2]
(2.4.4, 2.4.5, 2.4.6, 2.4.7, 2.4.8, 2.4.9, 2.4.10, 2.4.11, 2.4.12, 2.4.13, 2.4.14, 2.4.15, 2.4.16, 2.4.17, 2.4.18, 2.4.19, 2.4.20, 2.4.21, 2.4.22, 2.4.23, 2.4.24, 2.4.25, 2.4.26, 2.4.27, 2.4.28, 2.4.29, 2.4.30, 2.4.31, 2.4.32, 2.4.33, 2.4.34, 2.4.35, 2.4.36, 2.4.37, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30)
CVE-2009-1337ãã[exit_notify]
(2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29)
CVE-2009-1185ãã[udev]
(2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29)
CVE-2008-4210ãã[ftrex]
(2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22)
CVE-2008-0600ãã[vmsplice2]
(2.6.23, 2.6.24)
CVE-2008-0600ãã[vmsplice1]
(2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.24.1)
CVE-2006-3626ãã[h00lyshit]
(2.6.8, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16)
CVE-2006-2451ãã[raptor_prctl]
(2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17)
CVE-2005-0736ãã[krad3]
(2.6.5, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11)
CVE-2005-1263ãã[binfmt_elf.c]
(Linux kernel 2.x.x to 2.2.27-rc2, 2.4.x to 2.4.31-pre1, and 2.6.x to 2.6.12-rc4)
CVE-2004-1235ãã[elflbl]
(2.4.29)
CVE-N/Aãã[caps_to_root]
(2.6.34, 2.6.35, 2.6.36)
CVE-2004-0077ãã[mremap_pte]
(2.4.20, 2.2.24, 2.4.25, 2.4.26, 2.4.27)

å·¥å·

é¡¹ç®ç»´æ¤

ourren(sina weibo @ourren)
hx(sina weibo @hx)
CaledoniaProject(github @CaledoniaProject)

åè´£è¯´æ

è¯·å¿ç¨äºéæ³çç¨éï¼å¦åé æçä¸¥éåæä¸æ¬é¡¹ç®æ å³ã

åèé¾æ¥

è½¬è½½

è½¬è½½è¯·æ³¨ææ¥èªhttps://github.com/SecWiki/linux-kernel-exploits

è¡¥åå®å

©SecWiki 2017

Top Related Projects

paper_collection

1,214

Academic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read

Convert designs to code with AI

Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.

Try Visual Copilot

linux-kernel-exploits

Top Related Projects

paper_collection

Quick Overview

Pros

Cons

Competitor Comparisons

paper_collection

Pros of paper_collection

Cons of paper_collection

Code comparison

Convert designs to code with AI

README

linux-kernel-exploits

ç®ä»

æ¼æ´åè¡¨

#CVEãã#Descriptionãã#Kernels

å·¥å ·

é¡¹ç®ç»´æ¤

å è´£è¯´æ

åèé¾æ¥

è½¬è½½

è¡¥å å®å

Top Related Projects

paper_collection

Convert designs to code with AI

ç®ä»

æ¼æ´åè¡¨

#CVEãã#Descriptionãã#Kernels

å·¥å·

é¡¹ç®ç»´æ¤

åè´£è¯´æ

åèé¾æ¥

è¡¥åå®å