Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/cgwalters/cve-2020-14386
https://github.com/cgwalters/cve-2020-14386
Last synced: 2 days ago
JSON representation
- Host: GitHub
- URL: https://github.com/cgwalters/cve-2020-14386
- Owner: cgwalters
- Created: 2020-09-17T21:25:18.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2020-09-18T00:01:00.000Z (over 4 years ago)
- Last Synced: 2024-12-16T11:38:11.282Z (30 days ago)
- Language: C
- Size: 5.86 KB
- Stars: 43
- Watchers: 3
- Forks: 17
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-hacking-lists - cgwalters/cve-2020-14386 - (C)
README
# Reproducer for CVE-2020-14386
Pre-built container: `registry.svc.ci.openshift.org/coreos/cve-2020-14386`
You probably want to test against an explicit node, like this:
```
apiVersion: v1
kind: Pod
metadata:
name: cve-2020-14386
spec:
restartPolicy: Never
nodeName:
containers:
- name: cve-2020-14386
image: registry.svc.ci.openshift.org/coreos/cve-2020-14386
imagePullPolicy: Always
```
Replace `yournode` with a particular node you want to validate, then
`kubectl create -f pod.yaml` from the content above.
If your kernel is vulnerable, the node may crash or reboot; use e.g.
`kubectl get node/` and check if the node goes `NotReady`
and reboots.
If the node is not vulnerable, then `kubectl logs pod/cve-2020-14386`
will show something like:
```
Running reproducer for CVE-2020-14386 in 5s - this may crash the node
Reproducer exited successfully - node probably not vulnerable
```