CVE-2023-2598

This repository contains a functional local privilege escalation (LPE) exploit for CVE-2023-2598, leveraging a vulnerability in the Linux kernel's io_uring subsystem. The exploit uses memory corruption techniques to leak kernel addresses and achieve arbitrary code execution in kernel mode.

This repository provides a detailed technical analysis of CVE-2023-2598, a vulnerability in the Linux kernel's io_uring subsystem. The writeup explains the logical bug in the `io_sqe_buffer_register` function, where the folio coalescing logic fails to check for consecutive pages, leading to potential exploitation.

This repository contains a functional exploit for CVE-2023-2598, leveraging io_uring and memory manipulation techniques to achieve privilege escalation. The code demonstrates detailed knowledge of kernel structures and offsets, indicating a well-researched and operational PoC.

This repository contains a functional exploit for CVE-2023-2598, leveraging io_uring to achieve arbitrary memory write primitives, which are then used to spray heap and manipulate file structures (e.g., /etc/passwd). The exploit is written in C and targets the Linux kernel's io_uring subsystem.

This repository contains a functional exploit for CVE-2023-2598, leveraging a vulnerability in io_uring's handling of compound pages to achieve local privilege escalation (LPE) by manipulating the `cred` structure. The exploit includes detailed technical analysis of the vulnerability, including the misuse of `page_folio()` and the resulting out-of-bounds read/write.