CVEs-PoC/2020/CVE-2020-28588.md at dc6e2cf7158eeb24cfecb4d64f4f1da9a8a732e2

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-31 01:49:30 +02:00

Files

T

marc 555e9c7de4 Update Sat May 25 21:48:12 CEST 2024

2024-05-25 21:48:12 +02:00

Description

An information disclosure vulnerability exists in the /proc/pid/syscall functionality of Linux Kernel 5.1 Stable and 5.4.66. More specifically, this issue has been introduced in v5.1-rc4 (commit 631b7abacd02b88f4b0795c08b54ad4fc3e7c7c0) and is still present in v5.10-rc4, so it’s likely that all versions in between are affected. An attacker can read /proc/pid/syscall to trigger this vulnerability, which leads to the kernel leaking memory contents.

POC

Reference

https://talosintelligence.com/vulnerability_reports/TALOS-2020-1211

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/kdn111/linux-kernel-exploitation
https://github.com/khanhdn111/linux-kernel-exploitation
https://github.com/khanhdz-06/linux-kernel-exploitation
https://github.com/khanhdz191/linux-kernel-exploitation
https://github.com/khanhhdz/linux-kernel-exploitation
https://github.com/khanhhdz06/linux-kernel-exploitation
https://github.com/khanhnd123/linux-kernel-exploitation
https://github.com/knd06/linux-kernel-exploitation
https://github.com/ndk191/linux-kernel-exploitation
https://github.com/ssr-111/linux-kernel-exploitation
https://github.com/xairy/linux-kernel-exploitation

1.6 KiB Raw Blame History Unescape Escape

CVE-2020-28588

Description

POC

Reference

Github

1.6 KiB

Raw Blame History