CVE-2022-0185

This repository contains two exploit variants for CVE-2022-0185, a Linux kernel vulnerability. The FUSE-based exploit targets Ubuntu (5.11.0-44) to achieve privilege escalation by making /bin/bash SUID, while the kCTF variant targets Kubernetes 1.22 for root RCE via a stack pivot and ROP chain.

This repository contains a working proof-of-concept exploit for CVE-2022-0185, a Linux kernel vulnerability in the fsconfig syscall that allows local privilege escalation and container escape. The exploit leverages an integer overflow in the legacy_parse_param function to achieve arbitrary memory write.

This is a functional exploit for CVE-2022-0185, leveraging a pipe-primitive technique to bypass KASLR, SMAP, SMEP, and KPTI. It achieves local privilege escalation by overwriting /usr/bin/mount with a SUID shell.

This repository contains a Dockerized proof-of-concept for CVE-2022-0185, a Linux kernel vulnerability in the filesystem context handling. The crash.c file exploits a heap-based buffer overflow in the fsconfig syscall, leading to a denial-of-service (kernel crash).

This is a working exploit for CVE-2022-0185, a heap overflow vulnerability in the Linux kernel's fsconfig syscall. The exploit leverages use-after-free (UAF) and heap spraying techniques to achieve local privilege escalation (LPE) by corrupting kernel structures and executing arbitrary code.

This repository contains a proof-of-concept exploit for CVE-2022-0185, a heap-based buffer overflow in the Linux kernel's Filesystem Context functionality. The exploit leverages an unsigned integer underflow to achieve local privilege escalation.

This repository contains a functional exploit for CVE-2022-0185, a Linux kernel vulnerability in the fsconfig syscall. The exploit demonstrates local privilege escalation and container escape by leveraging an integer overflow in the legacy_parse_param function.

This repository contains a functional proof-of-concept exploit for CVE-2022-0185, a heap-based buffer overflow in the Linux kernel's `legacy_parse_param` function. The exploit includes two variants: one for local privilege escalation (LPE) on Ubuntu using FUSE and SYSVIPC, and another for kCTF container escape using pipes and ROP chains.

This is a functional exploit for CVE-2022-0185, a heap-based buffer overflow in the Linux kernel's filesystem context. The exploit leverages message queue manipulation and memory corruption to achieve local privilege escalation (LPE) by executing shellcode as root.

This repository contains a functional proof-of-concept exploit for CVE-2022-0185, a heap-based buffer overflow in the Linux kernel's filesystem context implementation. The exploit demonstrates privilege escalation via heap memory corruption and includes detailed technical analysis.

This repository contains two exploit implementations for CVE-2022-0185, a Linux kernel vulnerability. The FUSE-based exploit targets Ubuntu (kernel 5.11.0-44) to achieve privilege escalation by making /bin/bash SUID, while the kCTF version targets Kubernetes 1.22 for root RCE via a stack pivot and ROP chain.