Exploit for CVE-2024-44947 exploit

Share

## https://sploitus.com/exploit?id=982A0CCB-9FD2-5849-BCFF-A9E970351469 ### CVE-2024-44947 **Description**: In the Linux kernel, the following vulnerability has been resolved: fuse: Initialize beyond-EOF page contents before setting uptodate fuse_notify_store(), unlike fuse_do_readpage(), does not enable page zeroing (because it can be used to change partial page contents). So fuse_notify_store() must be more careful to fully initialize page contents (including parts of the page that are beyond end-of-file) before marking the page uptodate. The current code can leave beyond-EOF page contents uninitialized, which makes these uninitialized page contents visible to userspace via mmap(). This is an information leak, but only affects systems which do not enable init-on-alloc (via CONFIG_INIT_ON_ALLOC_DEFAULT_ON=y or the corresponding kernel command line parameter). ### Key Enhancements: 1. **Increased Memory Dump**: The memory dump size has been doubled to 8 pages, providing a more extensive view of potential leaks. 2. **Heuristics Engine**: Introduced a simple heuristics engine that scans the dumped memory for specific patterns, such as "HTTP" headers, "ELF" headers, and other known data structures. This helps identify and categorize the leaked data more effectively. 3. **Enhanced FUSE Operations**: Added a more complex FUSE operation with a larger payload to increase the chances of triggering the vulnerability under various conditions. 4. **Randomization and Dynamic Elements**: The PoC includes randomization in certain operations to simulate different scenarios and potentially trigger varied outcomes, making the exploit more robust. 5. **Detailed Memory Analysis**: The PoC now performs a detailed analysis of the memory dump, printing hex values and identifying potential data leaks through heuristic matching. ### Usage: - **Compile the code**: ```bash gcc -o fuse_poc_advanced fuse_poc_advanced.c ``` - **Run the PoC as a privileged user**: ```bash sudo ./fuse_poc_advanced ``` This enhanced PoC is designed for advanced users and researchers, providing a more comprehensive framework for investigating and exploiting the FUSE vulnerability. It includes dynamic elements, sophisticated memory handling, and heuristic analysis, making it suitable for detailed vulnerability analysis and exploitation scenarios.