iouringLPE-CVE-2024-0582

March 29, 2024 · View on GitHub

LPE exploit for CVE-2024-0582.

I will not be releasing a write-up for this vulnerability as my method of exploitation is almost the same as for CVE-2023-2598.

You can read the exploitation section of my write-up on CVE-2023-2598 to understand this exploit as well: Conquering the memory through io_uring - Analysis of CVE-2023-2598.

If you want to read more about the vulnerability itself, Oriol Castejón (@foolisses) has written an excellent post on it: Mind the Patch Gap: Exploiting an io_uring Vulnerability in Ubuntu

Disclaimer

For educational and research purposes only. Use at your own risk.