This repository has been archived by the owner on Mar 19, 2024. It is now read-only.
Hi,
readelf in ToaruOS 2.0.1 has a global overflow allowing RCE when parsing a crafted ELF file. Through elaborately constructed ELF files, remote code execution can be realized.
PoC
poc_elf_overflow.zip
./readelf -d poc_elf_overflow
Dynamic section at offset 0x2df8 contains (up to) 30 entries:
Tag Type Name/Value
zsh: segmentation fault ./readelf -d poc_elf_overflow
Patch