Aborts with `Both 'src-url' and 'exploit-db' entries are empty for '\e[1;32m[CVE-2019-15666]\e[0m XFRM_UAF' exploit - fix that. Aborting.`

xtaran commented 4 years ago

I just cloned the git repository (as of HEAD at commit 65589f87debe1e17e4b2441e743572609ad1e099) and the script seems to abort inmidst execution as follows on an up-to-date RHEL7, rebooted into the most recent kernel:

$ ./linux-exploit-suggester.sh 

Available information:

Kernel version: 3.10.0
Architecture: x86_64
Distribution: RHEL
Distribution version: 7.8
Additional checks (CONFIG_*, sysctl entries, custom Bash commands): performed
Package listing: from current OS

Searching among:

74 kernel space exploits
45 user space exploits

Possible Exploits:

[…]

[+] [CVE-2019-18634] sudo pwfeedback

   Details: https://dylankatz.com/Analysis-of-CVE-2019-18634/
   Exposure: less probable
   Tags: mint=19
   Download URL: https://github.com/saleemrashid/sudo-cve-2019-18634/raw/master/exploit.c
   Comments: sudo configuration requires pwfeedback to be enabled.

Both 'src-url' and 'exploit-db' entries are empty for '\e[1;32m[CVE-2019-15666]\e[0m XFRM_UAF' exploit - fix that. Aborting.

So it seems as if the software expects some constrains which the internal database entry for CVE-2019-15666 can't fulfill.

(The unparsed ANSI sequences show up on the terminal as above — uninterpreted. Not sure if this is on purpose.)

d0gkiller87 commented 4 years ago

Same here. $ uname -a Linux 4d694cb04133 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

bcoles commented 4 years ago

Introduced in 65589f87debe1e17e4b2441e743572609ad1e099. Pending patch in #75.

mzet- commented 4 years ago

@xtaran, @vungsung thanks for reporting.

@bcoles thanks for PR.

xtaran commented 4 years ago

Thanks @bcoles and @mzet-!

The-Z-Labs / linux-exploit-suggester

Aborts with `Both 'src-url' and 'exploit-db' entries are empty for '\e[1;32m[CVE-2019-15666]\e[0m XFRM_UAF' exploit - fix that. Aborting.` #74