DirtyCred Remastered: how to turn an UAF into Privilege Escalation
A few weeks ago, @kiks and I started to search for some recent CVEs in order to practice our kernel exploitation skills. We chose CVE-2022-2602 as our target for two reasons:
- There wasn’t a public exploit yet, only a PoC.
- It involves io_uring, so it was a good way to learn more about it.

In the end, we were able to create a functional exploit using two different techniques: userfaultfd and inode locking. FUSE exploit coming soon, I’ll update this blog post :)

Go check out @kiks’ blog post about the same vulnerability here :)