secwiki/linux-kernel-exploits — explained in plain English
Analysis updated 2026-06-26
Look up which CVE exploits affect a specific Linux kernel version during an authorized security assessment.
Study how a specific class of Linux kernel vulnerability works for security research or CTF preparation.
Find reference code for a known privilege escalation bug when practicing in a legal lab environment.
| secwiki/linux-kernel-exploits | ziparchive/ziparchive | andmarti1424/sc-im | |
|---|---|---|---|
| Stars | 5,598 | 5,592 | 5,618 |
| Language | C | C | C |
| Setup difficulty | hard | easy | moderate |
| Complexity | 4/5 | 2/5 | 3/5 |
| Audience | researcher | developer | developer |
Figures from each repo's GitHub metadata at analysis time.
Each exploit requires a matching vulnerable kernel version, there is no unified setup, look inside individual CVE folders for details.
This repository is a curated collection of privilege escalation exploits targeting the Linux kernel. Privilege escalation means taking a user account with limited permissions and gaining full administrative (root) access to the system by exploiting a security flaw. The collection is maintained by SecWiki, a Chinese security community, and the repository description is written in Chinese. The README is structured as a long list of known vulnerabilities, each identified by a CVE number. CVE stands for Common Vulnerabilities and Exposures, which is the standard naming system used by the security industry to track and reference specific bugs. Each entry links to a folder in the repository containing code or scripts related to that vulnerability, and notes which kernel versions are affected. The vulnerabilities span roughly a decade of Linux kernel releases, from the 2.4 and 2.6 series through the 4.x line. Some entries target specific kernel subsystems such as networking, USB drivers, or user namespaces. Others target shared system libraries like glibc or utilities like Sudo that run on top of the kernel. Well-known entries include "Dirty Cow" (CVE-2016-5195), a widely exploited memory flaw that affected Linux kernels released after 2007. This repository is intended for security researchers, penetration testers, and people studying how kernel vulnerabilities work in a controlled or authorized context. It is not a tool for production software development. Each entry is essentially a reference and a starting point for understanding a specific class of bug rather than a finished, packaged tool. The README does not explain how to set up or run any individual exploit. For details on a specific CVE, you would look inside the corresponding folder.
A curated reference index of Linux kernel privilege escalation exploits organized by CVE number, covering vulnerabilities from kernel 2.4 through 4.x, intended for security researchers and authorized penetration testers studying how kernel flaws work.
Mainly C. The stack also includes C.
Setup difficulty is rated hard, with roughly 1h+ to a first successful run.
Mainly researcher.
This repo across BitVibe Labs
Verify against the repo before relying on details.