Linux系统漏洞速查表

内网渗透
Word count: 3.1k   |   Reading time≈ 19 min 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
#### #CVE  #Description  #Kernels
- [CVE–2018–18955](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2018/CVE-2018-18955)  [map_write() in kernel/user_namespace.c allows privilege escalation]  (Linux kernel 4.15.x through 4.19.x before 4.19.2)
- [CVE–2018–1000001](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2018/CVE–2018–1000001)  [glibc]  (glibc <= 2.26)
- [CVE-2017-1000367](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2017/CVE-2017-1000367)  [Sudo] (Sudo 1.8.6p7 - 1.8.20)
- [CVE-2017-1000112](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2017/CVE-2017-1000112)  [a memory corruption due to UFO to non-UFO path switch]
- [CVE-2017-16995](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2017/CVE-2017-16995)  [Memory corruption caused by BPF verifier] (Linux kernel before 4.14 - 4.4)
- [CVE-2017-16939](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2017/CVE-2017-16939)  [UAF in Netlink socket subsystem – XFRM] (Linux kernel before 4.13.11)
- [CVE-2017-7494](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2017/CVE-2017-7494)  [Samba Remote execution]  (Samba 3.5.0-4.6.4/4.5.10/4.4.14)
- [CVE-2017-7308](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2017/CVE-2017-7308)  [a signedness issue in AF_PACKET sockets]  (Linux kernel through 4.10.6)
- [CVE-2017-6074](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2017/CVE-2017-6074)  [a double-free in DCCP protocol]  (Linux kernel through 4.9.11)
- [CVE-2017-5123](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2017/CVE-2017-5123)  ['waitid()']  (Kernel 4.14.0-rc4+)
- [CVE-2016-9793](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2016/CVE-2016-9793)  [a signedness issue with SO_SNDBUFFORCE and SO_RCVBUFFORCE socket options]
  (Linux kernel before 4.8.14)
- [CVE-2016-5195](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2016/CVE-2016-5195)  [Dirty cow]  (Linux kernel>2.6.22 (released in 2007))
- [CVE-2016-2384](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2016/CVE-2016-2384)  [a double-free in USB MIDI driver]  (Linux kernel before 4.5)
- [CVE-2016-0728](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2016/CVE-2016-0728)  [pp_key]  (3.8.0, 3.8.1, 3.8.2, 3.8.3, 3.8.4, 3.8.5, 3.8.6, 3.8.7, 3.8.8, 3.8.9, 3.9, 3.10, 3.11, 3.12, 3.13, 3.4.0, 3.5.0, 3.6.0, 3.7.0, 3.8.0, 3.8.5, 3.8.6, 3.8.9, 3.9.0, 3.9.6, 3.10.0, 3.10.6, 3.11.0, 3.12.0, 3.13.0, 3.13.1)
- [CVE-2015-7547](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2015/CVE-2015-7547)  [glibc getaddrinfo]  (before Glibc 2.9)
- [CVE-2015-1328](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2015/CVE-2015-1328)  [overlayfs]  (3.13, 3.16.0, 3.19.0)
- [CVE-2014-5284](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2014/CVE-2014-5284)  [OSSEC]  (2.8)
- [CVE-2014-4699](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2014/CVE-2014-4699)  [ptrace]  (before 3.15.4)
- [CVE-2014-4014](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2014/CVE-2014-4014)  [Local Privilege Escalation]  (before 3.14.8)
- [CVE-2014-3153](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2014/CVE-2014-3153)  [futex]  (3.3.5 ,3.3.4 ,3.3.2 ,3.2.13 ,3.2.9 ,3.2.1 ,3.1.8 ,3.0.5 ,3.0.4 ,3.0.2 ,3.0.1 ,2.6.39 ,2.6.38 ,2.6.37 ,2.6.35 ,2.6.34 ,2.6.33 ,2.6.32 ,2.6.9 ,2.6.8 ,2.6.7 ,2.6.6 ,2.6.5 ,2.6.4 ,3.2.2 ,3.0.18 ,3.0 ,2.6.8.1)
- [CVE-2014-0196](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2014/CVE-2014-0196)  [rawmodePTY]  (2.6.31, 2.6.32, 2.6.33, 2.6.34, 2.6.35, 2.6.36, 2.6.37, 2.6.38, 2.6.39, 3.14, 3.15)
- [CVE-2014-0038](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2014/CVE-2014-0038)  [timeoutpwn]  (3.4, 3.5, 3.6, 3.7, 3.8, 3.8.9, 3.9, 3.10, 3.11, 3.12, 3.13, 3.4.0, 3.5.0, 3.6.0, 3.7.0, 3.8.0, 3.8.5, 3.8.6, 3.8.9, 3.9.0, 3.9.6, 3.10.0, 3.10.6, 3.11.0, 3.12.0, 3.13.0, 3.13.1)
- [CVE-2013-2094](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2013/CVE-2013-2094)  [perf_swevent]  (3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.1.0, 3.2, 3.3, 3.4.0, 3.4.1, 3.4.2, 3.4.3, 3.4.4, 3.4.5, 3.4.6, 3.4.8, 3.4.9, 3.5, 3.6, 3.7, 3.8.0, 3.8.1, 3.8.2, 3.8.3, 3.8.4, 3.8.5, 3.8.6, 3.8.7, 3.8.8, 3.8.9)
- [CVE-2013-1858](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2013/CVE-2013-1858)  [clown-newuser]  (3.3-3.8)
- [CVE-2013-1763](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2013/CVE-2013-1763)  [__sock_diag_rcv_msg]  (before 3.8.3)
- [CVE-2013-0268](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2013/CVE-2013-0268)  [msr]  (2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34, 2.6.35, 2.6.36, 2.6.37, 2.6.38, 2.6.39, 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.1.0, 3.2, 3.3, 3.4, 3.5, 3.6, 3.7.0, 3.7.6)
- [CVE-2012-3524](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2012/CVE-2012-3524)  [libdbus]  (libdbus 1.5.x and earlier)
- [CVE-2012-0056](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2012/CVE-2012-0056)  [memodipper]  (2.6.39, 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.1.0)
- [CVE-2010-4347](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2010/CVE-2010-4347)  [american-sign-language]  ( 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34, 2.6.35, 2.6.36)
- [CVE-2010-4258](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2010/CVE-2010-4258)  [full-nelson]  (2.6.31, 2.6.32, 2.6.35, 2.6.37)
- [CVE-2010-4073](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2010/CVE-2010-4073)  [half_nelson]  (2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34, 2.6.35, 2.6.36)
- [CVE-2010-3904](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2010/CVE-2010-3904)  [rds]  (2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34, 2.6.35, 2.6.36)
- [CVE-2010-3437](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2010/CVE-2010-3437)  [pktcdvd]  (2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34, 2.6.35, 2.6.36)
- [CVE-2010-3301](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2010/CVE-2010-3301)  [ptrace_kmod2]  (2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34)
- [CVE-2010-3081](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2010/CVE-2010-3081)  [video4linux]  (2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33)
- [CVE-2010-2959](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2010/CVE-2010-2959)  [can_bcm]  (2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34, 2.6.35, 2.6.36)
- [CVE-2010-1146](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2010/CVE-2010-1146)  [reiserfs]  (2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34)
- [CVE-2010-0415](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2010/CVE-2010-0415)  [do_pages_move]  (2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31)
- [CVE-2009-3547](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2009/CVE-2009-3547)  [pipe.c_32bit]  (2.4.4, 2.4.5, 2.4.6, 2.4.7, 2.4.8, 2.4.9, 2.4.10, 2.4.11, 2.4.12, 2.4.13, 2.4.14, 2.4.15, 2.4.16, 2.4.17, 2.4.18, 2.4.19, 2.4.20, 2.4.21, 2.4.22, 2.4.23, 2.4.24, 2.4.25, 2.4.26, 2.4.27, 2.4.28, 2.4.29, 2.4.30, 2.4.31, 2.4.32, 2.4.33, 2.4.34, 2.4.35, 2.4.36, 2.4.37, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31)
- [CVE-2009-2698](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2009/CVE-2009-2698)  [udp_sendmsg_32bit]  (2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19)
- [CVE-2009-2692](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2009/CVE-2009-2692)  [sock_sendpage]  (2.4.4, 2.4.5, 2.4.6, 2.4.7, 2.4.8, 2.4.9, 2.4.10, 2.4.11, 2.4.12, 2.4.13, 2.4.14, 2.4.15, 2.4.16, 2.4.17, 2.4.18, 2.4.19, 2.4.20, 2.4.21, 2.4.22, 2.4.23, 2.4.24, 2.4.25, 2.4.26, 2.4.27, 2.4.28, 2.4.29, 2.4.30, 2.4.31, 2.4.32, 2.4.33, 2.4.34, 2.4.35, 2.4.36, 2.4.37, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30)
- [CVE-2009-2692](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2009/CVE-2009-2692)  [sock_sendpage2]  (2.4.4, 2.4.5, 2.4.6, 2.4.7, 2.4.8, 2.4.9, 2.4.10, 2.4.11, 2.4.12, 2.4.13, 2.4.14, 2.4.15, 2.4.16, 2.4.17, 2.4.18, 2.4.19, 2.4.20, 2.4.21, 2.4.22, 2.4.23, 2.4.24, 2.4.25, 2.4.26, 2.4.27, 2.4.28, 2.4.29, 2.4.30, 2.4.31, 2.4.32, 2.4.33, 2.4.34, 2.4.35, 2.4.36, 2.4.37, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30)
- [CVE-2009-1337](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2009/CVE-2009-1337)  [exit_notify]  (2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29)
- [CVE-2009-1185](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2009/CVE-2009-1185)  [udev]  (2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29)
- [CVE-2008-4210](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2008/CVE-2008-4210)  [ftrex]  (2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22)
- [CVE-2008-0600](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2008/CVE-2008-0600)  [vmsplice2]  (2.6.23, 2.6.24)
- [CVE-2008-0600](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2008/CVE-2008-0600)  [vmsplice1]  (2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.24.1)
- [CVE-2006-3626](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2006/CVE-2006-3626)  [h00lyshit]  (2.6.8, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16)
- [CVE-2006-2451](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2006/CVE-2006-2451)  [raptor_prctl]  (2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17)
- [CVE-2005-0736](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2005/CVE-2005-0736)  [krad3]  (2.6.5, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11)
- [CVE-2005-1263](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2005/CVE-2005-1263)  [binfmt_elf.c]  (Linux kernel 2.x.x to 2.2.27-rc2, 2.4.x to 2.4.31-pre1, and 2.6.x to 2.6.12-rc4)
- [CVE-2004-1235](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2004/CVE-2004-1235)  [elflbl]  (2.4.29)
- [CVE-N/A](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2004/caps_to_root)  [caps_to_root]  (2.6.34, 2.6.35, 2.6.36)
- [CVE-2004-0077](https://github.com/SecWiki/linux-kernel-exploits/blob/master/2004/CVE-2004-0077)  [mremap_pte]  (2.4.20, 2.2.24, 2.4.25, 2.4.26, 2.4.27)

来源:https://github.com/SecWiki/linux-kernel-exploits

  • Copyrights © 2018-2021 rich4rd
  • Visitors:4959 | Views:7115