jmpr4xp4xm4n / GSM_Linux_Kernel_LPE_Nday_ExploitLinks
LPE exploit in the linux module n_gsm.c. This module is used to implement the GSM 07.10 multiplexing protocol. This type of error was “Race Condtiton” which results in “User - After - Free”. Looking at the code, I realized that this could be used to execute my code in the Linux kernel and get LPE on a potential victim.
☆42Updated last year
Alternatives and similar repositories for GSM_Linux_Kernel_LPE_Nday_Exploit
Users that are interested in GSM_Linux_Kernel_LPE_Nday_Exploit are comparing it to the libraries listed below
Sorting:
- ☆129Updated 11 months ago
- Oracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability☆221Updated last year
- This repository contains the public work I produced, wheter it is research, post, slides, sometimes videos, and materials of my talks.☆52Updated 2 months ago
- In this Arsenal lab session, we will extract firmware from an EV charger, dig into the firmware, and eventually emulate it so we can inte…☆52Updated last year
- Advanced exploits that I wrote for Pwn2Own competitions and other occasions☆169Updated last year
- Writeups, PoCs of the bugs I found while preparing for the Pwn2Own Miami 2023 contest targeting UaGateway from the OPC UA Server category…☆61Updated 2 years ago
- ☆51Updated last year
- ☆81Updated last year
- ☆36Updated last year
- Kernel Read Write Execute☆46Updated 9 months ago
- CVE-2023-4911 proof of concept☆168Updated 2 years ago
- WallEscape vulnerability in util-linux☆52Updated last year
- SpiralBL0CK / Remote-buffer-overflow-over-wifi_stack-in-wpa_supplicant-binary-in-android-11-platform-samsung-a20eRemote buffer overflow over wifi_stack in wpa_supplicant binary in android 11, platform:samsung a20e, stock options so like works out of …☆48Updated last year
- Fuzzing IoT Devices Using the Router TL-WR902AC as Example☆120Updated last year
- GERMY is a Linux Kernel n-day in the N_GSM line discipline☆49Updated last year
- Full Chain Analysis of CVE-2022-4262, a non-trivial feedback slot type confusion in V8.☆106Updated 8 months ago
- MCP for Pwn☆140Updated this week
- Circumventing "noexec" mount flag to execute arbitrary linux binaries by ptrace-less process injection☆133Updated 5 months ago
- Hackers to Hackers Conference (H2HC) presentation in São Paulo☆37Updated 10 months ago
- Shielder's public proof of concepts collection☆33Updated 3 months ago
- An automatic Blind ROP exploitation tool☆205Updated 2 years ago
- Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation☆128Updated last year
- CVE-2024-11477 7Zip Code Execution Writeup and Analysis☆65Updated 10 months ago
- ☆41Updated last year
- ☆213Updated last year
- OffensiveCon 2024 Repo, contains PoCs and materials for talk "UEFI and the Task of the Translator"☆42Updated last year
- ☆105Updated 9 months ago
- ☆135Updated last year
- Reverse Engineering and Observability toolkit for Draytek firewalls☆43Updated 8 months ago
- LPE exploit for CVE-2024-0582 (io_uring)☆101Updated last year