{"vulnerability": "CVE-2023-35829", "sightings": [{"uuid": "72d085bb-f553-432d-a606-0ba093482e52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35829", "type": "published-proof-of-concept", "source": "https://t.me/BleepingComputer/17377", "content": "Latest news and stories from BleepingComputer.com\nFake Linux vulnerability exploit drops data-stealing malware\n\n\u200bCybersecurity researchers and threat actors are targeted by a fake proof of concept (PoC) CVE-2023-35829 exploit that installs a Linux password-stealing malware. [...]", "creation_timestamp": "2023-07-13T23:07:34.000000Z"}, {"uuid": "263f12b5-03d8-482d-b01c-f83f3fddd689", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35829", "type": "published-proof-of-concept", "source": "https://t.me/BleepingComputer/17373", "content": "\u200aFake Linux vulnerability exploit drops data-stealing malware\n\n\u200bCybersecurity researchers and threat actors are targeted by a fake proof of concept (PoC) CVE-2023-35829 exploit that installs a Linux password-stealing malware. 
[...]\n\nhttps://www.bleepingcomputer.com/news/security/fake-linux-vulnerability-exploit-drops-data-stealing-malware/", "creation_timestamp": "2023-07-13T18:58:10.000000Z"}, {"uuid": "dac1b347-0bd7-4c7a-a486-aeec0309c343", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35829", "type": "published-proof-of-concept", "source": "https://t.me/kasraone_com/399", "content": "https://onhexgroup.ir/fake-poc-cve-2023-35829/", "creation_timestamp": "2023-07-23T10:03:27.000000Z"}, {"uuid": "05eb5b45-0bc0-46a3-ac40-5aed14463f0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35829", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4673", "content": "GitHub monitoring alert!!!\n\nUpdated: CVE-2023\nDescription: CVE-2023-35829 Linux kernel before 6.3.2. A use-after-free was found in rkvdec_remove in drivers/staging/media/rkvdec/rkvdec.c. \nURL: https://github.com/ChriSanders22/CVE-2023-35829-poc\n\nTags: #CVE-2023", "creation_timestamp": "2023-07-03T13:25:05.000000Z"}, {"uuid": "ed6f6cea-c1ce-4778-931c-31775d269082", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35829", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4674", "content": "GitHub monitoring alert!!!\n\nUpdated: CVE-2023\nDescription: CVE-2023-35829 Linux kernel before 6.3.2. A use-after-free was found in rkvdec_remove in drivers/staging/media/rkvdec/rkvdec.c. 
\nURL: https://github.com/ChriSanders22/CVE-2023-20871-poc\n\nTags: #CVE-2023", "creation_timestamp": "2023-07-03T13:37:17.000000Z"}, {"uuid": "0287ebd8-23e2-49e2-a347-423154fc192e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35829", "type": "exploited", "source": "https://t.me/anti_malware/15435", "content": "Cybersecurity researchers are being targeted with a fake proof-of-concept (PoC) exploit for the CVE-2023-35829 vulnerability. In reality, this PoC installs password-stealing malware on the Linux system.", "creation_timestamp": "2023-07-14T09:13:22.000000Z"}, {"uuid": "3e0b3570-892d-4f31-8c54-4a506f4b091e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35829", "type": "published-proof-of-concept", "source": "https://t.me/jokerplstaeen/18637", "content": "\u200b\u200bCVE-2023-35829\n\nLinux kernel before 6.3.2. 
A use-after-free was found in rkvdec_remove in drivers/staging/media/rkvdec/rkvdec.c.\n\nhttps://github.com/ChriSanders22/CVE-2023-35829-poc\n\n#cve #cybersecurity #infosec", "creation_timestamp": "2023-07-04T18:25:26.000000Z"}, {"uuid": "0b026dc9-4e28-4f69-8e01-4c991a1758e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35829", "type": "published-proof-of-concept", "source": "https://t.me/thehackernews/3595", "content": "Watch out, researchers! A recently discovered proof-of-concept (PoC) exploit on GitHub for CVE-2023-35829 turns out to be a malicious downloader. It silently executes a bash script disguised as a kernel-level process. \n \nRead more: https://thehackernews.com/2023/07/blog-post.html", "creation_timestamp": "2023-07-13T15:05:53.000000Z"}, {"uuid": "063befb2-1440-40b5-befb-956136633271", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35829", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3109", "content": "Tools \ud83d\udd27 \ud83d\udd28 \ud83d\udd27  - Hackers Factory\n\nWeb Check\n\nGet detailed report about IP or domain:\n\nLocation\nSSL Info\nHeaders\nDomain and host names\nWhois\nDNS records\nCrawl rules\nCookies\nServer Info\nRedirects\nServer status\nTXT Config\n\nOnline version web-check.as93.net\nSource code https://github.com/Lissy93/web-check\n\n#osint\n\n\u200b\u200bAuRA - Auth. 
Request Analyser\n\nThis Chromium extensions aims at supporting the analysis of single sign-on implementations, by offering semi-automated analysis and attack capabilities for OAuth 2.0 and OpenID Connect 1.0 Authorization/Authentication Requests.\n\nhttps://github.com/lauritzh/auth-request-analyser\n\n#infosec #pentesting #bugbounty\n\n\u200b\u200bawesome-linux-attack-forensics-purplelabs\n\nThis page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.\n\nhttps://github.com/cr0nx/awesome-linux-attack-forensics-purplelabs\n\n#cybersecurity #infosec #forensic\n\nPulling SYSTEM out of Windows GINA\n\nAuthentication Bypass to SYSTEM shell in ManageEngine ADSelfService Plus Windows GINA Client.\n\nhttps://github.com/pedrib/PoC/blob/master/advisories/ManageEngine/adselfpwnplus/adselfpwnplus.md\n\n#infosec #pentesting #redteam\n\n\u200b\u200btiny_tracer\n\nA Pin Tool for tracing API calls etc\n\nhttps://github.com/hasherezade/tiny_tracer\n\n#malware #cybersecurity #infosec\n\n\u200b\u200bChaos Client\n\nGo client to communicate with Chaos dataset API.\n\nhttps://github.com/projectdiscovery/chaos-client\n\n#cybersecurity #infosec\n\n\u200b\u200bIAT-Tracer\n\nAn automation plugin for Tiny-Tracer framework to trace functions directly out of the executable's import table.\n\nhttps://github.com/YoavLevi/IAT-Tracer\n\n#malware #cybersecurity #infosec\n\n\u200b\u200bCVE-2023-35829\n\nLinux kernel before 6.3.2. 
A use-after-free was found in rkvdec_remove in drivers/staging/media/rkvdec/rkvdec.c.\n\nhttps://github.com/ChriSanders22/CVE-2023-35829-poc\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCMSeeK\n\nCMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 180 other CMSs.\n\nhttps://github.com/Tuhinshubhra/CMSeeK\n\n#infosec #redteam #bugbounty\n\n\u200b\u200bDOMSCAN\n\nA simple tool to scan a website for (DOM-based) XSS vulnerabilities and Open Redirects.\n\nhttps://github.com/lauritzh/domscan\n\n#infosec #pentesting #bugbounty\n\n\u200b\u200bMiniShell\n\nShell backdoor free bypass.\n\nhttps://github.com/Mr-7Mind/MiniShell\n\n#infosec #pentesting #redteam\n\nhttps://clipdrop.co/uncrop\n\nIf you need an image of a certain width or height, and the original image doesn't fit in any way, you can use this #AI tool to draw the edges on it.\n\nGeolocation Analysis Diagram \n\nA list (flowchart) of dozens of objects that can provide clues to finding the location of an photo. Can be used as a checklist when solving complex #geoint tasks.\n\nHigh quality https://github.com/seintpl/osint/blob/main/Geolocation%20Analysis%20Diagram%20Outside%20clues.pdf \n\n#geoint\n\n#infosec #cybersecurity \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-07-04T17:21:31.000000Z"}, {"uuid": "0de9d27d-fbad-4a89-85fe-e54f0c10a3ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35829", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8612", "content": "#exploit\n1. CVE-2023-35829:\nLinux kernel <6.3.2 - UaF in rkvdec_remove in drivers/staging/media/rkvdec/rkvdec.c\nhttps://github.com/ChriSanders22/CVE-2023-35829-poc\n\n2. Backdoor exploit program which helps an user to get information from any user when deployed to the target machine\nhttps://github.com/vaibhavbais007/Backdoor-exploit-python-program\n\n3. 
CVE-2023-21670:\nQualcomm Adreno/KGSL Insecure Execution\nhttps://packetstormsecurity.com/files/173296/Qualcomm-Adreno-KGSL-Insecure-Execution.html", "creation_timestamp": "2023-07-05T11:01:01.000000Z"}]}