Dec 10, 2022
An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system.
Vulnerability Release Time:
2022-03-14 11:43 UTC
Vulnerability Impact & Type
Successful exploitation of this vulnerability could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS).
This vulnerability exists in all Linux versions up to 5.17, RC1 through RC7.
Fixed in kernel 5.17 RC8 and above.
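A defender's check for the version range stated above, as an added example that is not from the original post or the kernel project: it classifies a kernel release string against the 5.17 RC7/RC8 boundary and, as a second signal, checks whether the watch_queue subsystem is compiled in. The function names, the output labels, and the `CONFIG_WATCH_QUEUE` lookup in `/boot/config-$(uname -r)` (a common distro layout) are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post): CVE-2022-0995 exposure triage.

# classify_kernel RELEASE -> affected-range | fixed-upstream | unknown
# Uses the range given on this page: affected through 5.17-rc7, fixed from 5.17-rc8.
classify_kernel() (
    # "5.17.0-rc7-custom" -> base "5 17", rc "7"; a final release has no rc.
    base=$(printf '%s\n' "$1" | sed -n 's/^\([0-9][0-9]*\)\.\([0-9][0-9]*\).*/\1 \2/p')
    rc=$(printf '%s\n' "$1" | sed -n 's/.*-rc\([0-9][0-9]*\).*/\1/p')
    major=${base% *} minor=${base#* }
    if [ -z "$base" ]; then
        echo unknown
    elif [ "$major" -lt 5 ] || { [ "$major" -eq 5 ] && [ "$minor" -lt 17 ]; }; then
        echo affected-range
    # A missing rc means a final release, which sorts after every RC (999).
    elif [ "$major" -eq 5 ] && [ "$minor" -eq 17 ] && [ "${rc:-999}" -le 7 ]; then
        echo affected-range
    else
        echo fixed-upstream
    fi
)

# watch_queue_state CONFIG_FILE -> built | not-built | unknown
# Assumption: a plain-text kernel config; /proc/config.gz is not handled here.
watch_queue_state() {
    if [ ! -r "$1" ]; then
        echo unknown
    elif grep -q '^CONFIG_WATCH_QUEUE=y' "$1"; then
        echo built
    else
        echo not-built
    fi
}

# assess RELEASE CONFIG_FILE: the config wins only when it proves the
# subsystem is absent; otherwise fall back to the version range.
assess() {
    if [ "$(watch_queue_state "$2")" = not-built ]; then
        echo not-built
    else
        classify_kernel "$1"
    fi
}

# Run against the live system.
assess "$(uname -r)" "/boot/config-$(uname -r)"
```

Vendor and stable kernels backport fixes without moving to an upstream 5.17 version string, so treat `affected-range` as a prompt to check the vendor advisory for the installed package, not as proof of exposure.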
The software writes data past the end, or before the beginning, of the intended buffer. This typically occurs, for example, when the pointer or its index is incremented or decremented to a position beyond the bounds of the buffer, or when pointer arithmetic results in a position outside of the valid memory location. This may result in corruption of sensitive information, a crash, or code execution, among other things.
Base Score: 7.2 (High)
CWE ID: 787
Vulnerability type: Low
Gained Access: None
Confidentiality Impact: Complete
Integrity Impact: Complete
Availability Impact: Complete
Access Complexity: Low
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
Technical Analysis / Exploits:
1. Log in to my Linux machine as a normal user and show the Linux version I’m using.
2. Now download the exploit data to the local machine. Use the command below to download it from the GitHub repository:
git clone https://github.com/Bonfee/CVE-2022-0995.git
3. After cloning the repository, change the current directory to the downloaded repository directory using the command below:
4. After the script completes its execution, you will successfully get the root user shell.
5. Now, use the command below to get a bash shell as the root user:
Now you are at the root user's bash shell and can do everything as the root user.
● https://github.com/Bonfee/CVE-2022-0995
● https://nvd.nist.gov/vuln/detail/CVE-2022-0995
● https://access.redhat.com/security/cve/cve-2022-0995