xkaneiki

4 exploits Active since Mar 2022
CVE-2023-0386 NOMISEC HIGH WORKING POC
Local Privilege Escalation via CVE-2023-0386
A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.
412 stars
CVSS 7.8
CVE-2022-1011 NOMISEC HIGH WORKING POC
Linux Kernel < 5.17 - Use-After-Free in FUSE Filesystem via write()
A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.
8 stars
CVSS 7.8
CVE-2023-0386 NOMISEC HIGH WORKING POC
Local Privilege Escalation via CVE-2023-0386
A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.
CVSS 7.8
CVE-2023-0386 METASPLOIT HIGH ruby WORKING POC
Local Privilege Escalation via CVE-2023-0386
A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.
CVSS 7.8