CUBE

2 exploits Active since Jun 2014

CVE-2014-3153 NOMISEC HIGH WORKING POC

Linux Kernel <=3.14.5 - Privilege Escalation

The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.

19 stars

CVSS 7.8

View Code

CVE-2015-3636 NOMISEC WORKING POC

Linux kernel <4.0.3 - Use After Free

The ping_unhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3 does not initialize a certain list data structure during an unhash operation, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) by leveraging the ability to make a SOCK_DGRAM socket system call for the IPPROTO_ICMP or IPPROTO_ICMPV6 protocol, and then making a connect system call after a disconnect.

3 stars

View Code