A few weeks ago, @kiks and I started to search for some recent CVEs in order to practice our kernel exploitation skills. We chose CVE-2022-2602 as our target for two reasons:
- There wasn’t a public exploit yet, only a PoC.
- It involves
io_uring, so it was a good way to learn more about it.In the end, we were able to create a functional exploit using two different techniques:
userfaultfdand inode locking. FUSE exploit coming soon, I’ll update this blog post :)Go checking out @kiks’ blogpost about the same vulnerability here :) DirtyCred Remastered: how to turn an UAF into Privilege Escalation
so.cl
Rascals are always sociable, and the chief sign that a man has any nobility in his character is the little pleasure he takes in others company. Arthur Schopenhauer