CVE-2023-3609
CVE-2023-3609's PoC does not exploit the described vulnerability; instead, it targets CVE-2023-4208.
Considering that the vulnerability described in CVE-2023-3609 actually takes a very long time to trigger, since it can only increase refcnt, I investigated and traced the PoC. I found that it actually takes advantage of the copied res structure in u32_init_knode (CVE-2023-4208): the exploit script tries to bind the classifier to a non-existent class, which triggers refcnt-- on the copied pointer (leading to a UAF). When I applied the patch for CVE-2023-4208 to the Linux kernel version on which the PoC worked, the PoC no longer worked.
CVE-2023-3776
CVE-2023-3776's PoC has the same issue—it actually exploits CVE-2023-4207.
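The bug class behind the issue reporter's observation, as an added user-space model that is not part of the report, the PoC, or the kernel's cls_u32 code: a filter's result structure holds a pointer to a bound class, that structure is shallow-copied into a new filter instance on update, and the old instance is then unbound, so the class's filter count drops while the new instance still points at it. The struct and function names (cls_class, result, filter, bind_filter, unbind_filter, update_filter_vulnerable, update_filter_fixed, dangling_after_update) are hypothetical stand-ins; the "fixed" variant models the direction of the upstream fix, which stops propagating the class pointer by copying the whole res structure, and is not the kernel patch itself.

```c
/* Added illustration of the CVE-2023-4208 bug class: a shallow-copied
 * refcounted pointer with the reference dropped on the old copy only.
 * User-space model with hypothetical names, not kernel code. */
#include <stddef.h>
#include <stdio.h>

struct cls_class {
    unsigned int filter_cnt;   /* number of filters bound to this class */
    int freed;                 /* set once the class has been deleted */
};

struct result {
    unsigned int classid;
    struct cls_class *class;   /* the bound class, or NULL */
};

struct filter {
    struct result res;
};

/* bind: this result now holds one counted reference on the class */
static void bind_filter(struct result *r, struct cls_class *cl)
{
    r->class = cl;
    if (cl)
        cl->filter_cnt++;
}

/* unbind: drop this result's reference and forget the class */
static void unbind_filter(struct result *r)
{
    if (r->class) {
        r->class->filter_cnt--;
        r->class = NULL;
    }
}

/* A class may only be deleted once no filter references it. */
static int try_delete_class(struct cls_class *cl)
{
    if (cl->filter_cnt != 0)
        return 0;
    cl->freed = 1;
    return 1;
}

/* Vulnerable update: the whole res (class pointer included) is copied into
 * the new filter, but only one reference was ever counted, so unbinding the
 * old filter leaves the new one pointing at a class that may be deleted. */
static void update_filter_vulnerable(struct filter *oldf, struct filter *newf)
{
    newf->res = oldf->res;       /* shallow copy: pointer duplicated, count not */
    unbind_filter(&oldf->res);   /* success path always unbinds the old instance */
}

/* Fixed update: do not copy the class pointer; rebind the new instance
 * explicitly so every live pointer is matched by one count. */
static void update_filter_fixed(struct filter *oldf, struct filter *newf)
{
    newf->res.classid = oldf->res.classid;
    newf->res.class = NULL;
    bind_filter(&newf->res, oldf->res.class);
    unbind_filter(&oldf->res);
}

/* Returns 1 if, after the update, the class became deletable while the new
 * filter still held a pointer to it (a dangling reference, i.e. the UAF). */
static int dangling_after_update(void (*update)(struct filter *, struct filter *))
{
    struct cls_class cl = { 0, 0 };
    struct filter oldf = { { 0x10001, NULL } };   /* constructed sample filter */
    struct filter newf = { { 0, NULL } };

    bind_filter(&oldf.res, &cl);
    update(&oldf, &newf);
    try_delete_class(&cl);
    return newf.res.class == &cl && cl.freed;
}

int main(void)
{
    printf("vulnerable update leaves dangling class pointer: %d\n",
           dangling_after_update(update_filter_vulnerable));
    printf("fixed update leaves dangling class pointer: %d\n",
           dangling_after_update(update_filter_fixed));
    return 0;
}
```

The model is deliberately reduced to the one invariant that matters: every pointer to a refcounted object must be matched by exactly one counted reference, and a struct assignment silently breaks that invariant whenever the struct contains such a pointer.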