[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-6517":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":17,"stars7d":18,"stars30d":19,"stars90d":16,"forks30d":16,"starsTrendScore":18,"compositeScore":20,"rankGlobal":10,"rankLanguage":10,"license":21,"archived":22,"fork":22,"defaultBranch":23,"hasWiki":24,"hasPages":22,"topics":25,"createdAt":10,"pushedAt":10,"updatedAt":33,"readmeContent":34,"aiSummary":35,"trendingCount":16,"starSnapshotCount":16,"syncStatus":36,"lastSyncTime":37,"discoverSource":38},6517,"linux-kernel-exploits","SecWiki\u002Flinux-kernel-exploits","SecWiki","linux-kernel-exploits Linux平台提权漏洞集合","",null,"C",5610,1731,279,3,0,1,5,16,40.72,"MIT License",false,"master",true,[26,27,28,29,30,31,32],"awesome","collection","exploit","kernel","linux","pentest","tool","2026-06-12 02:01:25","# linux-kernel-exploits\n\n### 简介\n\nlinux-kernel-exploits\n\n\n***\n\n#### 漏洞列表\n#### #CVE　　#Description　　#Kernels  \n\n- [CVE–2018–18955](.\u002F2018\u002FCVE-2018-18955)　　[map_write() in kernel\u002Fuser_namespace.c allows privilege escalation]  \n(Linux kernel 4.15.x through 4.19.x before 4.19.2)  \n\n- [CVE–2018–1000001](.\u002F2018\u002FCVE–2018–1000001)　　[glibc]  \n(glibc \u003C= 2.26)  \n\n- [CVE-2017-1000367](.\u002F2017\u002FCVE-2017-1000367)　　[Sudo]\n(Sudo 1.8.6p7 - 1.8.20)  \n\n- [CVE-2017-1000112](.\u002F2017\u002FCVE-2017-1000112)　　[a memory corruption due to UFO to non-UFO path switch]  \n\n- [CVE-2017-16995](.\u002F2017\u002FCVE-2017-16995)　　[Memory corruption caused by BPF verifier] \n(Linux kernel before 4.14 - 4.4)\n\n- [CVE-2017-16939](.\u002F2017\u002FCVE-2017-16939)　　[UAF in Netlink socket subsystem – XFRM] \n(Linux kernel before 4.13.11)\n\n- [CVE-2017-7494](.\u002F2017\u002FCVE-2017-7494)　　[Samba Remote execution]  \n(Samba 3.5.0-4.6.4\u002F4.5.10\u002F4.4.14)  \n\n- [CVE-2017-7308](.\u002F2017\u002FCVE-2017-7308)　　[a signedness issue in AF\\_PACKET sockets]  \n(Linux kernel through 4.10.6)  \n\n- [CVE-2017-6074](.\u002F2017\u002FCVE-2017-6074)　　[a double-free in DCCP protocol]  \n(Linux kernel through 4.9.11)  \n\n- [CVE-2017-5123](.\u002F2017\u002FCVE-2017-5123)　　['waitid()']  \n(Kernel 4.14.0-rc4+)  \n\n- [CVE-2016-9793](.\u002F2016\u002FCVE-2016-9793)　　[a signedness issue with SO\\_SNDBUFFORCE and SO\\_RCVBUFFORCE socket options]  \n(Linux kernel before 4.8.14)  \n\n- [CVE-2016-5195](.\u002F2016\u002FCVE-2016-5195)　　[Dirty cow]  \n(Linux kernel>2.6.22 (released in 2007))  \n\n- [CVE-2016-2384](.\u002F2016\u002FCVE-2016-2384)　　[a double-free in USB MIDI driver]  \n(Linux kernel before 4.5)  \n\n- [CVE-2016-0728](.\u002F2016\u002FCVE-2016-0728)　　[pp_key]  \n(3.8.0, 3.8.1, 3.8.2, 3.8.3, 3.8.4, 3.8.5, 3.8.6, 3.8.7, 3.8.8, 3.8.9, 3.9, 3.10, 3.11, 3.12, 3.13, 3.4.0, 3.5.0, 3.6.0, 3.7.0, 3.8.0, 3.8.5, 3.8.6, 3.8.9, 3.9.0, 3.9.6, 3.10.0, 3.10.6, 3.11.0, 3.12.0, 3.13.0, 3.13.1)  \n\n- [CVE-2015-7547](.\u002F2015\u002FCVE-2015-7547)　　[glibc getaddrinfo]  \n(before Glibc 2.9)  \n\n- [CVE-2015-1328](.\u002F2015\u002FCVE-2015-1328)　　[overlayfs]  \n(3.13, 3.16.0, 3.19.0)  \n\n- [CVE-2014-5284](.\u002F2014\u002FCVE-2014-5284)　　[OSSEC]  \n(2.8)  \n\n- [CVE-2014-4699](.\u002F2014\u002FCVE-2014-4699)　　[ptrace]  \n(before 3.15.4)  \n\n- [CVE-2014-4014](.\u002F2014\u002FCVE-2014-4014)　　[Local Privilege Escalation]  \n(before 3.14.8)  \n\n- [CVE-2014-3153](.\u002F2014\u002FCVE-2014-3153)　　[futex]  \n(3.3.5 ,3.3.4 ,3.3.2 ,3.2.13 ,3.2.9 ,3.2.1 ,3.1.8 ,3.0.5 ,3.0.4 ,3.0.2 ,3.0.1 ,2.6.39 ,2.6.38 ,2.6.37 ,2.6.35 ,2.6.34 ,2.6.33 ,2.6.32 ,2.6.9 ,2.6.8 ,2.6.7 ,2.6.6 ,2.6.5 ,2.6.4 ,3.2.2 ,3.0.18 ,3.0 ,2.6.8.1)  \n\n- [CVE-2014-0196](.\u002F2014\u002FCVE-2014-0196)　　[rawmodePTY]  \n(2.6.31, 2.6.32, 2.6.33, 2.6.34, 2.6.35, 2.6.36, 2.6.37, 2.6.38, 2.6.39, 3.14, 3.15)  \n\n- [CVE-2014-0038](.\u002F2014\u002FCVE-2014-0038)　　[timeoutpwn]  \n(3.4, 3.5, 3.6, 3.7, 3.8, 3.8.9, 3.9, 3.10, 3.11, 3.12, 3.13, 3.4.0, 3.5.0, 3.6.0, 3.7.0, 3.8.0, 3.8.5, 3.8.6, 3.8.9, 3.9.0, 3.9.6, 3.10.0, 3.10.6, 3.11.0, 3.12.0, 3.13.0, 3.13.1)  \n\n- [CVE-2013-2094](.\u002F2013\u002FCVE-2013-2094)　　[perf_swevent]  \n(3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.1.0, 3.2, 3.3, 3.4.0, 3.4.1, 3.4.2, 3.4.3, 3.4.4, 3.4.5, 3.4.6, 3.4.8, 3.4.9, 3.5, 3.6, 3.7, 3.8.0, 3.8.1, 3.8.2, 3.8.3, 3.8.4, 3.8.5, 3.8.6, 3.8.7, 3.8.8, 3.8.9)  \n\n- [CVE-2013-1858](.\u002F2013\u002FCVE-2013-1858)　　[clown-newuser]  \n(3.3-3.8)  \n\n- [CVE-2013-1763](.\u002F2013\u002FCVE-2013-1763)　　[__sock_diag_rcv_msg]  \n(before 3.8.3)  \n\n- [CVE-2013-0268](.\u002F2013\u002FCVE-2013-0268)　　[msr]  \n(2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34, 2.6.35, 2.6.36, 2.6.37, 2.6.38, 2.6.39, 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.1.0, 3.2, 3.3, 3.4, 3.5, 3.6, 3.7.0, 3.7.6)  \n\n- [CVE-2012-3524](.\u002F2012\u002FCVE-2012-3524)　　[libdbus]  \n(libdbus 1.5.x and earlier)  \n\n- [CVE-2012-0056](.\u002F2012\u002FCVE-2012-0056)　　[memodipper]  \n(2.6.39, 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.1.0)  \n\n- [CVE-2010-4347](.\u002F2010\u002FCVE-2010-4347)　　[american-sign-language]  \n(\t2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34, 2.6.35, 2.6.36)  \n\n- [CVE-2010-4258](.\u002F2010\u002FCVE-2010-4258)　　[full-nelson]  \n(2.6.31, 2.6.32, 2.6.35, 2.6.37)  \n\n- [CVE-2010-4073](.\u002F2010\u002FCVE-2010-4073)　　[half_nelson]  \n(2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34, 2.6.35, 2.6.36)  \n\n- [CVE-2010-3904](.\u002F2010\u002FCVE-2010-3904)　　[rds]  \n(2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34, 2.6.35, 2.6.36)  \n\n- [CVE-2010-3437](.\u002F2010\u002FCVE-2010-3437)　　[pktcdvd]  \n(2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34, 2.6.35, 2.6.36)  \n\n- [CVE-2010-3301](.\u002F2010\u002FCVE-2010-3301)　　[ptrace_kmod2]  \n(2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34)  \n\n- [CVE-2010-3081](.\u002F2010\u002FCVE-2010-3081)　　[video4linux]  \n(2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33)  \n\n- [CVE-2010-2959](.\u002F2010\u002FCVE-2010-2959)　　[can_bcm]  \n(2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34, 2.6.35, 2.6.36)  \n\n- [CVE-2010-1146](.\u002F2010\u002FCVE-2010-1146)　　[reiserfs]  \n(2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34)  \n\n- [CVE-2010-0415](.\u002F2010\u002FCVE-2010-0415)　　[do_pages_move]  \n(2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31)  \n\n- [CVE-2009-3547](.\u002F2009\u002FCVE-2009-3547)　　[pipe.c_32bit]  \n(2.4.4, 2.4.5, 2.4.6, 2.4.7, 2.4.8, 2.4.9, 2.4.10, 2.4.11, 2.4.12, 2.4.13, 2.4.14, 2.4.15, 2.4.16, 2.4.17, 2.4.18, 2.4.19, 2.4.20, 2.4.21, 2.4.22, 2.4.23, 2.4.24, 2.4.25, 2.4.26, 2.4.27, 2.4.28, 2.4.29, 2.4.30, 2.4.31, 2.4.32, 2.4.33, 2.4.34, 2.4.35, 2.4.36, 2.4.37, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31)  \n\n- [CVE-2009-2698](.\u002F2009\u002FCVE-2009-2698)　　[udp_sendmsg_32bit]  \n(2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19)  \n\n- [CVE-2009-2692](.\u002F2009\u002FCVE-2009-2692)　　[sock_sendpage]  \n(2.4.4, 2.4.5, 2.4.6, 2.4.7, 2.4.8, 2.4.9, 2.4.10, 2.4.11, 2.4.12, 2.4.13, 2.4.14, 2.4.15, 2.4.16, 2.4.17, 2.4.18, 2.4.19, 2.4.20, 2.4.21, 2.4.22, 2.4.23, 2.4.24, 2.4.25, 2.4.26, 2.4.27, 2.4.28, 2.4.29, 2.4.30, 2.4.31, 2.4.32, 2.4.33, 2.4.34, 2.4.35, 2.4.36, 2.4.37, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30)  \n\n- [CVE-2009-2692](.\u002F2009\u002FCVE-2009-2692)　　[sock_sendpage2]  \n(2.4.4, 2.4.5, 2.4.6, 2.4.7, 2.4.8, 2.4.9, 2.4.10, 2.4.11, 2.4.12, 2.4.13, 2.4.14, 2.4.15, 2.4.16, 2.4.17, 2.4.18, 2.4.19, 2.4.20, 2.4.21, 2.4.22, 2.4.23, 2.4.24, 2.4.25, 2.4.26, 2.4.27, 2.4.28, 2.4.29, 2.4.30, 2.4.31, 2.4.32, 2.4.33, 2.4.34, 2.4.35, 2.4.36, 2.4.37, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30)  \n\n- [CVE-2009-1337](.\u002F2009\u002FCVE-2009-1337)　　[exit_notify]  \n(2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29)  \n\n- [CVE-2009-1185](.\u002F2009\u002FCVE-2009-1185)　　[udev]  \n(2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29)  \n\n- [CVE-2008-4210](.\u002F2008\u002FCVE-2008-4210)　　[ftrex]  \n(2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22)  \n\n- [CVE-2008-0600](.\u002F2008\u002FCVE-2008-0600)　　[vmsplice2]  \n(2.6.23, 2.6.24)  \n\n- [CVE-2008-0600](.\u002F2008\u002FCVE-2008-0600)　　[vmsplice1]  \n(2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.24.1)  \n\n- [CVE-2006-3626](.\u002F2006\u002FCVE-2006-3626)　　[h00lyshit]  \n(2.6.8, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16)  \n\n- [CVE-2006-2451](.\u002F2006\u002FCVE-2006-2451)　　[raptor_prctl]  \n(2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17)  \n\n- [CVE-2005-0736](.\u002F2005\u002FCVE-2005-0736)　　[krad3]  \n(2.6.5, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11)  \n\n- [CVE-2005-1263](.\u002F2005\u002FCVE-2005-1263)　　[binfmt_elf.c]  \n(Linux kernel 2.x.x to 2.2.27-rc2, 2.4.x to 2.4.31-pre1, and 2.6.x to 2.6.12-rc4)  \n\n- [CVE-2004-1235](.\u002F2004\u002FCVE-2004-1235)　　[elflbl]  \n(2.4.29)  \n\n- [CVE-N\u002FA](.\u002F2004\u002Fcaps_to_root)　　[caps_to_root]  \n(2.6.34, 2.6.35, 2.6.36)  \n\n- [CVE-2004-0077](.\u002F2004\u002FCVE-2004-0077)　　[mremap_pte]  \n(2.4.20, 2.2.24, 2.4.25, 2.4.26, 2.4.27)  \n\n### 工具\n- [Linux_Exploit_Suggester](https:\u002F\u002Fgithub.com\u002FPenturaLabs\u002FLinux_Exploit_Suggester)　[@PenturaLabs](https:\u002F\u002Fgithub.com\u002FPenturaLabs\u002FLinux_Exploit_Suggester)  \n- [mzet-\u002Flinux-exploit-suggester](https:\u002F\u002Fgithub.com\u002Fmzet-\u002Flinux-exploit-suggester)  \n- [jondonas\u002Flinux-exploit-suggester-2](https:\u002F\u002Fgithub.com\u002Fjondonas\u002Flinux-exploit-suggester-2\u002Fblob\u002Fmaster\u002Flinux-exploit-suggester-2.pl)  \n- [spencerdodd\u002Fkernelpop](https:\u002F\u002Fgithub.com\u002Fspencerdodd\u002Fkernelpop)\n\n### 项目维护\n\n+ **ourren**(sina weibo \u003Ca href=\"http:\u002F\u002Fweibo.com\u002Fcodesec\">@ourren\u003C\u002Fa>) \n+ **hx**(sina weibo \u003Ca href=\"http:\u002F\u002Fweibo.com\u002FHexajon\">@hx\u003C\u002Fa>)\n+ **CaledoniaProject**(github \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FCaledoniaProject\">@CaledoniaProject\u003C\u002Fa>)\n\n### 免责说明\n\n请勿用于非法的用途，否则造成的严重后果与本项目无关。\n\n### 参考链接\n\n- [kernel exploits](https:\u002F\u002Fwww.kernel-exploits.com\u002F)\n- [Unix-Privilege-Escalation-Exploits-Pack](https:\u002F\u002Fgithub.com\u002FKabot\u002FUnix-Privilege-Escalation-Exploits-Pack\u002F)\n- [A bunch of proof-of-concept exploits for the Linux kernel](https:\u002F\u002Fgithub.com\u002Fxairy\u002Fkernel-exploits)  \n- [kernel-exploits](https:\u002F\u002Fgithub.com\u002Flucyoa\u002Fkernel-exploits)\n\n### 转载\n\n转载请注明来自https:\u002F\u002Fgithub.com\u002FSecWiki\u002Flinux-kernel-exploits\n\n### 补充完善\n欢迎大家帮助补充完善　[git_man@outlook.com](git_man@outlook.com)  \n\n&copy;\u003Ca href=\"https:\u002F\u002Fwww.sec-wiki.com\" target=\"_blank\">SecWiki\u003C\u002Fa> 2017\n\n\n","SecWiki\u002Flinux-kernel-exploits 是一个收集了多个 Linux 内核提权漏洞的项目。该项目主要使用 C 语言编写，包含了从 CVE-2013 到 CVE-2018 年间发现的多种内核漏洞，如 Dirty COW、UFO 路径切换导致的内存破坏等，并提供了详细的漏洞描述和受影响的内核版本。这些漏洞大多涉及权限提升、内存破坏等问题，部分还涉及到 Samba 和 glibc 等软件。此项目适合安全研究人员、渗透测试人员以及系统管理员用于了解和测试 Linux 系统的安全性，帮助他们识别和修复潜在的安全风险。",2,"2026-06-11 03:07:23","top_language"]