CVE-2022-41218

MEDIUM

Linux kernel <5.19.10 - Use After Free

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-41218. PoCs published by Tobey123.

AI-analyzed exploit summary This repository contains a proof-of-concept exploit for CVE-2022-41218, a use-after-free vulnerability in the Linux kernel's DVB subsystem. The exploit demonstrates memory corruption via userfaultfd and thread synchronization to achieve arbitrary write primitives.

Description

In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.

Exploits (1)

nomisec WORKING POC

by Tobey123 · poc

https://github.com/Tobey123/CVE-2022-41218

View Code ZIP pw:eip

This repository contains a proof-of-concept exploit for CVE-2022-41218, a use-after-free vulnerability in the Linux kernel's DVB subsystem. The exploit demonstrates memory corruption via userfaultfd and thread synchronization to achieve arbitrary write primitives.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Complex

Reliability

Racy

Target: Linux kernel (specific versions affected by CVE-2022-41218)

No auth needed

Prerequisites: Linux system with vulnerable kernel · DVB device or simulated environment · User namespace or root access for setup

MITRE ATT&CK