tags:linuxlpeinteger_overflowkernel original link: Linux Kernel Int Overflow Leading To Priv Esc newsletter link: exploits.club Weekly Newsletter 24
Exploits Club Summary:
SSD Secure Disclosure Team released a Linux privesc write-up this week which was patched in July of 2023. The bug is a straightforward int overflow which results in a OOB read and write primitive. The post ends with a full PoC which usesÂ
nft_payload to leak stack info and bypass KASLR, overwrite the return address, and ROP to overwrite modprobe.