Crusaders-of-Rust / CVE-2022-0185

Has the use been successful? #4

Open laowang1026 opened 2 years ago

laowang1026 commented 2 years ago

Linux version 4.19.91-20211117175159.ff8219c.al7.x86_64 (root@fbba8dd77f8f) (gcc version 4.8.5 20150623 (Red Hat 4.8.5-39) (GCC)) #1 SMP Wed Nov 17 09:57:56 UTC 2021

[*] Spraying kmalloc-32
[*] Opening ext4 filesystem
fsopen: Remember to unshare

laowang1026 commented 2 years ago

Linux version 4.19.91-20211117175159.ff8219c.al7.x86_64 (root@fbba8dd77f8f) (gcc version 4.8.5 20150623 (Red Hat 4.8.5-39) (GCC)) #1 SMP Wed Nov 17 09:57:56 UTC 2021
./exploit
fuse: device not found, try 'modprobe fuse' first
[*] Opening ext4 filesystem
fsopen: Remember to unshare

bcoles commented 2 years ago

The exploit uses the fuse technique and requires user namespaces (kernel.unprivileged_userns_clone = 1) as per the writeup.

Also, the exploit_fuse.c exploit only targets Ubuntu 5.x kernels based on mainline kernel versions 5.7 and higher.

This bug popped up since 5.1-rc1. It’s important to note that you need the CAP_SYS_ADMIN capability to trigger it, but the permission only needs to be granted in the CURRENT NAMESPACE.

https://github.com/Crusaders-of-Rust/CVE-2022-0185/blob/09ffda1db822bf54ac5ccfedb7fcea814292adce/README.md#L5
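The prerequisites bcoles lists (mainline 5.1-rc1 or later for the bug, 5.7 or later for the fuse PoC, unprivileged user namespaces enabled, the fuse device present) can be turned into a host triage check. The script below is an added example and is not part of this repository; the function names, status strings and the sample release strings in the test are constructed here, and it compares only mainline version numbers, so distro backports into older series are not detected.

```shell
#!/bin/sh
# Added triage helper (not from the CVE-2022-0185 repository). It applies the
# prerequisites stated in this issue thread to decide what an exposure report
# for a host should say.

# kernel_ge RELEASE MAJOR MINOR: succeed when RELEASE (a uname -r string such as
# 5.13.0-27-generic or 4.19.91-20211117175159.ff8219c.al7.x86_64) is at least
# MAJOR.MINOR. Only the leading mainline numbers are compared (assumption:
# vendor backports into an older series are not detected by this check).
kernel_ge() {
    major=${1%%.*}
    rest=${1#*.}
    minor=${rest%%[!0-9]*}
    case "$major$minor" in *[!0-9]*|"") return 2 ;; esac
    [ "$major" -gt "$2" ] && return 0
    [ "$major" -eq "$2" ] && [ "$minor" -ge "$3" ]
}

# triage RELEASE USERNS_CLONE FUSE_PRESENT: print one status token.
#   USERNS_CLONE: value of kernel.unprivileged_userns_clone (1 = enabled).
#   FUSE_PRESENT: 1 when /dev/fuse (the fuse module) is available, else 0.
# Status tokens are this example's own naming, derived from the thread:
triage() {
    rel=$1; userns=$2; fuse=$3
    if ! kernel_ge "$rel" 5 1; then
        echo "not-affected-mainline"          # bug appeared in 5.1-rc1
    elif [ "$userns" != "1" ]; then
        echo "userns-blocked"                 # CAP_SYS_ADMIN needed in a namespace
    elif ! kernel_ge "$rel" 5 7; then
        echo "affected-fuse-poc-needs-5.7"    # bug present, exploit_fuse.c won't apply
    elif [ "$fuse" != "1" ]; then
        echo "affected-fuse-missing"          # PoC prints "fuse: device not found"
    else
        echo "affected-all-prereqs-present"
    fi
}

# live_triage: read the three inputs from the running host. The
# unprivileged_userns_clone sysctl is a Debian/Ubuntu addition; where it is
# absent we assume user namespaces are enabled (assumption, conservative).
live_triage() {
    rel=$(uname -r)
    userns=$(sysctl -n kernel.unprivileged_userns_clone 2>/dev/null || echo 1)
    if [ -e /dev/fuse ]; then fuse=1; else fuse=0; fi
    triage "$rel" "$userns" "$fuse"
}

# Run against the current host with: sh triage.sh --live
case "${1:-}" in --live) live_triage ;; esac
```

On the 4.19.91 host from this thread the check reports not-affected-mainline, which matches the failed runs above; a userns-blocked result is the mitigation state the sysctl setting produces.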