Notselwyn / CVE-2024-1086

Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.

Home Page: https://pwning.tech/nftables


sorry, how to solve it

llllIIIllll opened this issue

@:~/CVE-2024-1086$ ./exploit 
[*] creating user namespace (CLONE_NEWUSER)...
[*] creating network namespace (CLONE_NEWNET)...
[*] setting up UID namespace...
[*] configuring localhost in namespace...
[*] setting up nftables...
[+] running normal privesc
[*] waiting for the calm before the storm...
[*] sending double free buffer packet...
[*] spraying 16000 pte's...
[*] checking 16000 sprayed pte's for overlap...
[-] failed to detect overwritten pte: is more PTE spray needed? pmd: 00000000cafebabe
@:~/CVE-2024-1086$ uname -a
Linux poi 6.5.0-27-generic #28~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Fri Mar 15 10:51:06 UTC 2 x86_64 x86_64 x86_64 GNU/Linux
commented

Your system is not vulnerable. Please check the affected versions table in the blogpost before creating GH Issues. Thanks 🙌