Skip to content


Repository files navigation


As medicine pregressed using corpse, I want to learn resuming old vulnerabilities.


Resurrect corpes, I mean, vulnerabilities, can be troublesome


It's pretty cool to use qemu to run different kernels or debug them.

BTW sometimes it's a pain: so here some troubleshooting

  • try -m 1024 if panic

  • Could not read from CD-ROM (code 0009): download desktop version

  • Arch linux Qemu page

Old Ubuntu releases

You can grab them from

Debian kernel package

For Debian exists to retrieve old packages.

Take in mind that to find a specific vulnerable kernel package you have to read what is vulnerable from the specific vulnerability tracker here for dirtycow and probably you will find the source package; after that you must look at what packages have been generated from that (search on snapshot site the source package's name, look for the specific version from all the available ones and then there is a section named Binary packages).

After that, some kernel need an initrd that is generated when installed, without it the system fails to boot since at least the module to mount the root filesystem is needed.

The best option is probably use docker: insert a unique entry for that makes sense, install the kernel and after that copy the initrd from the /boot directory.

Root filesystem

If you have a root filesystem contained in a tar archive, you can create an empty file large enough, mount it and untarring the archive into it.

$ dd if=/dev/zero of=rootfs.ext4 status=progress bs=1M count=1024
$ sudo mkfs.ext4 rootfs.ext4 
$ mkdir mount
$ mount -o loop rootfs.ext4 mount
$ sudo mount -o loop rootfs.ext4 mount
$ sudo tar -xvf /tmp/amd64-rootfs-20170318T102216Z.tar.gz -C mount
$ sudo umount mount



Resurrect vulnerabilities one CVE at the times






No releases published


No packages published