Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Tested exploit/linux/local/runc_cwd_priv_esc on arch linux runc 1.1.4 #19679

Open
rolf-d2i opened this issue Nov 25, 2024 · 0 comments
Open

Tested exploit/linux/local/runc_cwd_priv_esc on arch linux runc 1.1.4 #19679

rolf-d2i opened this issue Nov 25, 2024 · 0 comments
Labels
suggestion-docs New documentation suggestions

Comments

@rolf-d2i
Copy link

Summary

Tested exploit/linux/local/runc_cwd_priv_esc on arch linux to extend access with docker runc exploit.
Running Linux runc version 1.1.4 the exploit did not complete with success.

The exploit claims this system should have been vulnerable, but actual execution on host shows the exploit did not complete with success on arch linux. The Documentation on the exploit should be updated to document this, it is either is a bug, or arch linux is not vulnerable to this exploit, or the documentation is insufficient to correctly replicate the vulnerability.

Git link to exploit code tested https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/runc_cwd_priv_esc.rb
@rolf-d2i rolf-d2i added the suggestion-docs New documentation suggestions label Nov 25, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
suggestion-docs New documentation suggestions
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@rolf-d2i