{"uuid": "eec0b8e4-fc57-45e6-a36d-bd4285f521ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-0185", "type": "published-proof-of-concept", "source": "https://t.me/linkersec/147", "content": "CVE-2022-0185 - Winning a $31337 Bounty after Pwning Ubuntu and Escaping Google's KCTF Containers\n\nAn article describing an exploit for a slab-out-of-bounds bug in the fsconfig syscall handler. By FizzBuzz101, @clubby789, @ryaagard, @Chronos190, @ginkoid, and @chop0_.\n\nAuthors managed to both get LPE on the Ubuntu kernel and escape the kCTF infrastructure container, and thus claim the kCTF VRP bounty.\n\nThe bug was found with syzkaller, and it was also reported by syzbot.", "creation_timestamp": "2022-01-26T00:55:41.000000Z"}