exploitdb
WORKING POC
VERIFIED
by Metasploit · rubylocallinux
https://www.exploit-db.com/exploits/47543
This Metasploit module exploits CVE-2019-13272, a local privilege escalation vulnerability in the Linux kernel's ptrace_link function. It leverages Polkit's pkexec helper with PTRACE_TRACEME to gain root access on vulnerable systems.
Classification
Working Poc 100%
Target:
Linux kernel before 5.1.17, 4.19.58, 4.14.133, 4.9.185, 4.4.185
Auth required
Prerequisites:
Local access to a vulnerable Linux system · Active Polkit agent session · Non-SSH terminal access
exploitdb
WORKING POC
VERIFIED
by Google Security Research · textlocallinux
https://www.exploit-db.com/exploits/47133
This exploit demonstrates a privilege escalation vulnerability in the Linux kernel (CVE-2019-13272) by abusing the PTRACE_TRACEME mechanism to create a privileged ptrace relationship, leading to potential root access. The PoC triggers a kernel panic due to incorrect credential handling.
Classification
Working Poc 100%
Target:
Linux kernel versions 4.10 and later (with backports to older versions)
No auth needed
Prerequisites:
A system with a vulnerable Linux kernel · A setuid binary that drops privileges and becomes dumpable
exploitdb
WORKING POC
by Ujas Dhami · clocallinux
https://www.exploit-db.com/exploits/50541
This exploit leverages CVE-2019-13272, a race condition in the Linux kernel's ptrace implementation, to escalate privileges via pkexec. It manipulates process tracing and memory injection to spawn a root shell.
Classification
Working Poc 95%
Target:
Linux Kernel 4.19 - 5.2.1
No auth needed
Prerequisites:
Access to a vulnerable Linux system · Presence of pkexec and a compatible PolKit helper binary
exploitdb
WORKING POC
by bcoles · clocallinux
https://www.exploit-db.com/exploits/47163
This exploit leverages CVE-2019-13272, a PTRACE_TRACEME vulnerability in Linux kernels 4.10 to 5.1.17, to achieve local privilege escalation (LPE) by manipulating the ptrace relationship during the execution of pkexec. It spawns a root shell by exploiting improper credential handling in the ptrace subsystem.
Classification
Working Poc 100%
Target:
Linux kernel 4.10 < 5.1.17
No auth needed
Prerequisites:
Local user access · Presence of a known helper binary (e.g., mate-power-backlight-helper) · pkexec installed
nomisec
WORKING POC
328 stars
by jas502n · local
https://github.com/jas502n/CVE-2019-13272
This repository contains a functional local privilege escalation (LPE) exploit for CVE-2019-13272, leveraging a PTRACE_TRACEME race condition in Linux kernels 4.10 to 5.1.17. The exploit uses pkexec to gain root privileges by manipulating process tracing and SUID execution.
Classification
Working Poc 100%
Target:
Linux kernel 4.10 < 5.1.17
Auth required
Prerequisites:
Local user access · Presence of a known helper binary (e.g., mate-power-backlight-helper)
github
WORKING POC
8 stars
by codecat007 · cpoc
https://github.com/codecat007/cvehub/tree/main/android/kernel/EXP-CVE-2019-13272
This repository contains a functional local privilege escalation exploit for CVE-2019-13272, leveraging a PTRACE_TRACEME race condition in Linux kernels 4.10 to 5.1.17. The exploit uses a multi-stage approach with fake pkexec and helper binaries to gain root privileges.
Classification
Working Poc 95%
Target:
Linux kernel 4.10 < 5.1.17
No auth needed
Prerequisites:
Local access to a vulnerable Linux system · Compilation of the exploit and helper binaries
nomisec
WORKING POC
5 stars
by Cyc1eC · local
https://github.com/Cyc1eC/CVE-2019-13272
This repository contains a functional exploit for CVE-2019-13272, a Linux local privilege escalation vulnerability affecting kernels below 5.1.17. The exploit leverages a ptrace-based race condition in pkexec to gain root privileges.
Classification
Working Poc 95%
Target:
Linux kernel < 5.1.17 with PolKit
Auth required
Prerequisites:
PolKit installed · pkexec available · active PolKit agent session
nomisec
WORKING POC
4 stars
by oneoy · local
https://github.com/oneoy/CVE-2019-13272
This repository contains a functional local privilege escalation (LPE) exploit for CVE-2019-13272, leveraging a PTRACE_TRACEME vulnerability in Linux kernels 4.10 to 5.1.17. The exploit uses pkexec to gain root access by manipulating process tracing and SUID execution.
Classification
Working Poc 100%
Target:
Linux kernel 4.10 < 5.1.17
No auth needed
Prerequisites:
Local access to a vulnerable Linux system · Presence of a known helper binary (e.g., mate-power-backlight-helper)
nomisec
WORKING POC
2 stars
by josemlwdf · local
https://github.com/josemlwdf/CVE-2019-13272
This is a functional exploit for CVE-2019-13272, a local privilege escalation vulnerability in Polkit's pkexec. The exploit leverages improper handling of environment variables and argument injection to gain root privileges by manipulating the execution flow of pkexec.
Classification
Working Poc 95%
Target:
Polkit pkexec (versions before 0.105)
Auth required
Prerequisites:
Local access to a vulnerable system · Presence of a vulnerable pkexec binary · A valid user session with a Polkit agent running
nomisec
WORKING POC
2 stars
by MDS1GNAL · local
https://github.com/MDS1GNAL/ptrace_scope-CVE-2019-13272-privilege-escalation
The repository contains a functional privilege escalation exploit for CVE-2019-13272, leveraging a ptrace scope bypass in Linux systems. The exploit uses GDB to inject commands into running shell processes to escalate privileges.
Classification
Working Poc 90%
Target:
Linux kernel (ptrace scope misconfiguration)
Auth required
Prerequisites:
GDB installed · User with shell access
nomisec
WRITEUP
2 stars
by Tharana · poc
https://github.com/Tharana/vulnerability-exploitation
The repository contains a README.md file mentioning multiple CVEs, including CVE-2015-1538 (Stagefright RCE), but lacks actual exploit code or technical details. It appears to be a placeholder or incomplete writeup.
Classification
Writeup 30%
Target:
Google Android (Stagefright)
No auth needed
Prerequisites:
none specified
nomisec
SUSPICIOUS
1 stars
by Tharana · poc
https://github.com/Tharana/Exploiting-a-Linux-kernel-vulnerability
The repository lacks exploit code or technical details, instead providing vague descriptions and requesting external review. No functional PoC or analysis is included.
Classification
Suspicious 90%
Target:
Linux kernel (unspecified version)
No auth needed
nomisec
WORKING POC
by letsr00t · local
https://github.com/letsr00t/CVE-2019-13272
This repository contains a functional exploit for CVE-2019-13272, a local privilege escalation vulnerability in Linux kernels 4.10 to 5.1.17. The exploit leverages the PTRACE_TRACEME mechanism and pkexec to gain root privileges by manipulating process tracing relationships.
Classification
Working Poc 100%
Target:
Linux kernel versions 4.10 to 5.1.17
No auth needed
Prerequisites:
Access to a vulnerable Linux system · Presence of a suitable helper binary (e.g., mate-power-backlight-helper)
nomisec
WORKING POC
by Chinmay1743 · poc
https://github.com/Chinmay1743/ptrace-vuln
The repository contains a functional PoC for CVE-2019-13272, demonstrating the ptrace vulnerability by tracing system calls in a child process. The code compiles and runs, showing system call numbers and confirming the vulnerability's applicability on unhardened systems.
Classification
Working Poc 90%
Target:
Linux kernel (versions affected by CVE-2019-13272)
No auth needed
Prerequisites:
Unpatched Linux kernel · ptrace not restricted
nomisec
WORKING POC
by asepsaepdin · local
https://github.com/asepsaepdin/CVE-2019-13272
This repository contains a functional exploit for CVE-2019-13272, a local privilege escalation vulnerability in Polkit's pkexec. The exploit leverages a ptrace race condition to gain root access by manipulating process credentials during a privileged execution.
Classification
Working Poc 100%
Target:
Polkit pkexec (Linux kernel before 5.1.17)
No auth needed
Prerequisites:
Local access to a vulnerable system · Presence of pkexec binary
nomisec
SUSPICIOUS
by GgKendall · poc
https://github.com/GgKendall/secureCodingDemo
The repository lacks exploit code and instead references external links in a .txt file, which is a common tactic for suspicious repos. No technical details about CVE-2019-13272 are provided.
Classification
Suspicious 90%
Target:
Linux Kernel (version unspecified)
No auth needed
Prerequisites:
access to external links mentioned in the .txt file
nomisec
WORKING POC
by babyshen · local
https://github.com/babyshen/CVE-2019-13272
This is a functional local privilege escalation (LPE) exploit for CVE-2019-13272, leveraging a ptrace race condition in Linux kernels 4.10 to 5.1.17. It uses pkexec to spawn a privileged process and manipulates ptrace relationships to gain root access.
Classification
Working Poc 100%
Target:
Linux kernel 4.10 < 5.1.17
Auth required
Prerequisites:
User session with active PolKit agent · kernel.yama.ptrace_scope < 2 · SELinux deny_ptrace=off
nomisec
WRITEUP
by datntsec · poc
https://github.com/datntsec/CVE-2019-13272
This repository provides a detailed technical analysis of CVE-2019-13272, a local privilege escalation vulnerability in the Linux kernel related to the PTRACE_TRACEME system call. It includes root cause analysis, code snippets, and explanations of the ptrace mechanism and credential handling.
Classification
Writeup 100%
Target:
Linux Kernel (versions affected by CVE-2019-13272)
No auth needed
Prerequisites:
Local access to a vulnerable Linux system · Ability to execute processes
nomisec
STUB
by RashmikaEkanayake · poc
https://github.com/RashmikaEkanayake/Privilege-Escalation-CVE-2019-13272-
The repository contains only a README with a brief description of CVE-2019-13272 but no exploit code, technical details, or analysis. It appears to be a placeholder or incomplete submission.
Target:
Linux kernel (specific version not specified)
Auth required
Prerequisites:
Local access to a vulnerable system
nomisec
WORKING POC
by polosec · local
https://github.com/polosec/CVE-2019-13272
This Python script exploits CVE-2019-13272, a command injection vulnerability in the PTZ (Pan-Tilt-Zoom) camera management interface. It sends a maliciously crafted HTTP POST request with encoded commands to achieve remote code execution (RCE) on the target device.
Classification
Working Poc 95%
Target:
PTZ camera management interface (specific vendor/model not specified in code)
No auth needed
Prerequisites:
Network access to the target device · Vulnerable PTZ camera firmware
metasploit
WORKING POC
EXCELLENT
by Jann Horn, bcoles, timwr · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/ptrace_traceme_pkexec_helper.rb
This Metasploit module exploits CVE-2019-13272, a local privilege escalation vulnerability in the Linux kernel's ptrace_link function. It leverages Polkit's pkexec helper with PTRACE_TRACEME to gain root access on vulnerable systems.
Classification
Working Poc 100%
Target:
Linux kernel before 5.1.17 (and backported patches in 4.4.185, 4.9.185, 4.14.133, 4.19.58)
Auth required
Prerequisites:
Local access to a vulnerable Linux system · Active Polkit agent session · x86_64 architecture · pkexec installed