CVE-2022-0492 cannot deploy, ubuntu kernel 5.8 has been patehed

[awslshadowstar]

I followed the steps in https://github.com/Metarget/metarget/tree/master/writeups_cnv/kernel-cve-2022-0492

In the container, I cannot write to release_agent file anymore. I need a linux kernel version not patched.

version information: ubuntu 20.04 kernel version:5.8.0-23-generic docker version:10.10.21

[brant-ruan]

Hi @awslshadowstar, I just reproduced this vulnerability according to the steps in writeup, so maybe you should check your reproduction. I think the problem may be the version of Ubuntu. I suggest you try with 18.04 (in the writeup), where the Linux kernel to be installed is:

Linux ubuntu-bionic 5.8.0-050800rc1-generic #202007141143 SMP Tue Jul 14 11:45:39 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

Or you can specify the version using the following command:

./metarget cnv install kernel --version <vulnerable version> (e.g., 5.8.0-050800rc1)

I haven't tested the latter way yet :)

[awslshadowstar]

@brant-ruan thanks for your help，it works in ubuntu 18.04 and kernel version 5.8.0-050800rc1-generic