IT security experts: cybersecurity audits and consulting
French cybersecurity company since 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2022-34918

Description

An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.

POC

Reference

- http://packetstormsecurity.com/files/168191/Kernel-Live-Patch-Security-Notice-LSN-0089-1.html

- http://packetstormsecurity.com/files/168543/Netfilter-nft_set_elem_init-Heap-Overflow-Privilege-Escalation.html

- http://www.openwall.com/lists/oss-security/2022/07/05/1

- https://lore.kernel.org/netfilter-devel/cd9428b6-7ffb-dd22-d949-d86f4869f452@randorisec.fr/T/#u

- https://www.openwall.com/lists/oss-security/2022/07/02/3

- https://www.randorisec.fr/crack-linux-firewall/

GitHub

- https://github.com/0x7n6/OSCP

- https://github.com/0xMarcio/cve

- https://github.com/0xStrygwyr/OSCP-Guide

- https://github.com/0xZipp0/OSCP

- https://github.com/0xsyr0/OSCP

- https://github.com/20142995/sectool

- https://github.com/AMatheusFeitosaM/OSCP-Cheat

- https://github.com/ARPSyndicate/cvemon

- https://github.com/Andromeda254/cve

- https://github.com/Anomaly-8/ZPOZAS_lab2

- https://github.com/CVEDB/awesome-cve-repo

- https://github.com/CVEDB/top

- https://github.com/EnriqueSanchezdelVillar/NotesHck

- https://github.com/Faizan-Khanx/OSCP

- https://github.com/GhostTroops/TOP

- https://github.com/HaxorSecInfec/autoroot.sh

- https://github.com/IdanBanani/ELF-Injection-Shellcode-Bridgehead

- https://github.com/IdanBanani/ELF-Processs-Injection-Linux-Android

- https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits

- https://github.com/Ly0nt4r/OSCP

- https://github.com/Mr-xn/Penetration_Testing_POC

- https://github.com/NaInSec/CVE-PoC-in-GitHub

- https://github.com/ReflectedThanatos/OSCP-cheatsheet

- https://github.com/SYRTI/POC_to_review

- https://github.com/SantoriuHen/NotesHck

- https://github.com/Sechack06/CVE-2022-34918

- https://github.com/SenukDias/OSCP_cheat

- https://github.com/SirElmard/ethical_hacking

- https://github.com/Snoopy-Sec/Localroot-ALL-CVE

- https://github.com/VishuGahlyan/OSCP

- https://github.com/WhooAmii/POC_to_review

- https://github.com/XiaozaYa/CVE-Recording

- https://github.com/a-roshbaik/Linux-Privilege-Escalation-Exploits

- https://github.com/bsauce/kernel-exploit-factory

- https://github.com/bsauce/kernel-security-learning

- https://github.com/dkb4rb/KernelExploiting

- https://github.com/e-hakson/OSCP

- https://github.com/eljosep/OSCP-Guide

- https://github.com/exfilt/CheatSheet

- https://github.com/fazilbaig1/oscp

- https://github.com/felixfu59/kernel-hack

- https://github.com/hardenedvault/vault_range_poc

- https://github.com/jitmondal1/OSCP

- https://github.com/k0mi-tg/CVE-POC

- https://github.com/kdn111/linux-kernel-exploitation

- https://github.com/kgwanjala/oscp-cheatsheet

- https://github.com/khanhdn111/linux-kernel-exploitation

- https://github.com/khanhdz-06/linux-kernel-exploitation

- https://github.com/khanhdz191/linux-kernel-exploitation

- https://github.com/khanhhdz/linux-kernel-exploitation

- https://github.com/khanhhdz06/linux-kernel-exploitation

- https://github.com/khanhnd123/linux-kernel-exploitation

- https://github.com/khnhdz/linux-kernel-exploitation

- https://github.com/klemakle/audit-pentest-BOX

- https://github.com/knd06/linux-kernel-exploitation

- https://github.com/lanleft/CVE-2023-1829

- https://github.com/lanleft/CVE2023-1829

- https://github.com/linulinu/CVE-2022-34918

- https://github.com/lions2012/Penetration_Testing_POC

- https://github.com/manas3c/CVE-POC

- https://github.com/merlinepedra/CVE-2022-34918-LPE-PoC

- https://github.com/merlinepedra25/CVE-2022-34918-LPE-PoC

- https://github.com/ndk06/linux-kernel-exploitation

- https://github.com/ndk191/linux-kernel-exploitation

- https://github.com/nisadevi11/Localroot-ALL-CVE

- https://github.com/nitishbadole/oscp-note-3

- https://github.com/nomi-sec/PoC-in-GitHub

- https://github.com/oscpname/OSCP_cheat

- https://github.com/parth45/cheatsheet

- https://github.com/purplewall1206/ERA-eBPF-assisted-Randomize-Allocator

- https://github.com/randorisec/CVE-2022-34918-LPE-PoC

- https://github.com/revanmalang/OSCP

- https://github.com/ssr-111/linux-kernel-exploitation

- https://github.com/taielab/awesome-hacking-lists

- https://github.com/tr3ss/gofetch

- https://github.com/trhacknon/CVE-2022-34918-LPE-PoC

- https://github.com/trhacknon/Pocingit

- https://github.com/txuswashere/OSCP

- https://github.com/veritas501/CVE-2022-34918

- https://github.com/vlain1337/auto-lpe

- https://github.com/whoforget/CVE-POC

- https://github.com/wkhnh06/linux-kernel-exploitation

- https://github.com/xairy/linux-kernel-exploitation

- https://github.com/xhref/OSCP

- https://github.com/xuetusummer/Penetration_Testing_POC

- https://github.com/youwizard/CVE-POC

- https://github.com/zecool/cve