Linux Kernel could allow a local authenticated malicious user to execute arbitrary code on the system, caused by a flaw in the bpf verifier for 32bit operations. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Linux kernel EoP exp
linux-kernel-exploits 简介 在github项目：githubcom/SecWiki/linux-kernel-exploits 的基础上增加了最近几年的提权漏洞Exp，漏洞相关信息的搜集在对应漏洞文件夹下的Readmemd。 红队攻击时，可以通过脚本：githubcom/mzet-/linux-exploit-suggester/blob/master/linux-exploit-suggestersh 评估系统可能受到哪些提
Linux Kernel Exploitation Pull requests are welcome Books 2014: "Android Hacker's Handbook" by Joshua J Drake 2012: "A Guide to Kernel Exploitation: Attacking the Core" by Enrico Perla and Massimiliano Oldani Workshops 2020: "Android Kernel Exploitation" by Ashfaq Ansari [workshop] Exploitation Techniques 2020: "Structures that can be u
PoC in GitHub 2020 CVE-2020-0014 It is possible for a malicious application to construct a TYPE_TOAST window manually and make that window clickable This could lead to a local escalation of privilege with no additional execution privileges needed User action is needed for exploitationProduct: AndroidVersions: Android-80 Android-81 Android-9 Android-10Android ID: A-1286745
PoC auto collect from GitHub.
PoC in GitHub 2020 CVE-2020-0022 In reassemble_and_dispatch of packet_fragmentercc, there is possible out of bounds write due to an incorrect bounds calculation This could lead to remote code execution over Bluetooth with no additional execution privileges needed User interaction is not needed for exploitationProduct: AndroidVersions: Android-80 Android-81 Android-9 Andr
Also, Zoom assembles security dream team to fix its ongoing woes
This week in The Reg's security roundup of the notable bits beyond what we've already covered, the Tor Project has cut back to its core team, Zoom has called in the big security guns, US tech firms are taking on its Congress – and more.
First off, it has been a bad weekend for 13 staffers at the nonprofit Tor Project after they were let go as the team was reduced to core operations only.
"Like many other nonprofits and small businesses, the crisis has hit us hard, and we have had t...