{"uuid": "528ce907-1587-45dd-9fd3-f5d9fc17c8c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2602", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1907", "content": "|CVE-2022-2602 Kernel Exploit|\n\n\ud83d\udd25The vulnerability is an UAF that impacts the registered file descriptor functionality in the io_uring subsystem. It's possible to register a file in the io_uring context, free it from the Unix Garbage Collector(GC) and re-use it with the requested io_uring operation (for example, a writev operation). To exploit the bug, it was a matter of replace the freed file structure with a read-only file (e.g. /etc/passwd), in order to write into it, and achieve a good timing with a small race window.", "creation_timestamp": "2022-12-21T14:45:16.000000Z"}