diff --git a/data/KernelPocs/CVE-2022-0492/CVE-2022-0492.yaml b/data/KernelPocs/CVE-2022-0492/CVE-2022-0492.yaml deleted file mode 100644 index 3139259..0000000 --- a/data/KernelPocs/CVE-2022-0492/CVE-2022-0492.yaml +++ /dev/null @@ -1,48 +0,0 @@ -FormatVer: 20220224 -Id: CVE-2022-0492 -Belong: kernel -PocHazardLevel: high -Source: https://github.com/chenaotian/CVE-2022-0492 -SiteInfo: - Name: Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 - Severity: high - Description: - Linux kernel 存在安全漏洞,该漏洞源于软件对用权限限制存在问题。攻击者可利用该漏洞可以通过Cgroups Release Agent 绕过Linux内核的限制,以升级他的权限。 - ScopeOfInfluence: - v5.8 ≤ linux-kernel ≤ 5.17 - References: - http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html - http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html - https://bugzilla.redhat.com/show_bug.cgi?id=2051505 - https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02af - https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html - https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html - https://security.netapp.com/advisory/ntap-20220419-0002/ - https://www.debian.org/security/2022/dsa-5095 - https://www.debian.org/security/2022/dsa-5096 - SiteClassification: - CvssMetrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H - CvssScore: 7.8 - CveId: CVE-2022-0492 - CweId: CWE-287 - CnvdId: None - KveId: None - Tags: - - 权限提升 -SiteRequests: - Implement: - RawTypes: - - implementOne - ImArray: - - inter: bash - InterArgs : - Exec : exp.sh - Args : - ExpireTime: #second - Inter: - - "<<:./exp.sh "hostname"" #输入'xxx\n' - - ">.:[-] You do not have CAP_SYS_ADMIN, will try" #等待输出'\n' - - ">.:umount: /temp/testcgroup: target is busy." #等待输出'\n' - - ">.:[+] Escape Success with unshare!" #等待输出'\n' - - ">.:ubuntu" #等待输出'ubuntu\n' - Condition: None \ No newline at end of file