当前位置:网站首页>Cve-2022-0847 (privilege lifting kernel vulnerability)

Cve-2022-0847 (privilege lifting kernel vulnerability)

2022-06-22 15:47:00 Ink mark vs. breeze

One 、CVE-2022-0847Linux The kernel authorization vulnerability

Abstract
CVE-2022-0847 It's from 5.8 since Linux A vulnerability in the kernel , It allows you to overwrite data in any read-only file . This will result in privilege escalation , Because non privileged processes can inject code into the root process . It is similar to Dirty COW (CVE-2016-5195), But it's easier to use .

Kernel impact version :5.8 <= Linux kernel < 5.16.11/5.15.25/5.10.102

Recurrence environment
Linux kali 5.15.0-kali3-amd64 #1 SMP Debian 5.15.15-2kali1 (2022-01-31) x86_64 GNU/Linux

exploit
https://github.com/Arinerron/CVE-2022-0847-DirtyPipe-Exploit

Two 、 Start the operation

1. see Linux Version information

2. adopt GitHub Download the corresponding exploit

3.exploit Some corresponding files in  

4. perform ./compile.sh One more. exploit file

5. perform ./exploit

6. utilize root aaron Successfully logged in , Permission is the highest permission , utilize mv After replacing the corresponding file , utilize root aaron Unable to log in successfully  

原网站

版权声明
本文为[Ink mark vs. breeze]所创,转载请带上原文链接,感谢
https://yzsam.com/2022/173/202206221426250016.html