Add kernelCTF CVE-2024-50264_lts_cos

pocs/linux/kernelctf/CVE-2024-50264_lts_cos/docs/vulnerability.md

@@ -0,0 +1,12 @@
+- Requirements:
+    - Capabilites: None
+    - Kernel configuration: CONFIG_VSOCKETS, CONFIG_VSOCKETS_LOOPBACK
+    - User namespaces required: No
+- Introduced by: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/vmw_vsock?id=06a8fc78367d070720af960dcecec917d3ae5f3b
+- Fixed by: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/vmw_vsock?id=6ca575374dd9a507cdd16dfa0e78c2e9e20bd05f
+- Affected kernel versions: v4.8-rc1 - v6.12-rc7
+- Affected component: vsock
+- Syscall to disable: socket
+- URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50264
+- Cause: Use-After-Free
+- Description: During vsock loopback communication, a dangling pointer can be created in vsk->trans. In a complex race condition scenario, this dangling pointer can be dereferenced, leading to a Use-After-Free condition.

pocs/linux/kernelctf/CVE-2024-50264_lts_cos/exploit/cos-109-17800.309.84/Makefile

@@ -0,0 +1,26 @@
+# define complier type
+CC = gcc
+# compile options setting
+CFLAGS = -O2 -static -w
+# library link & option setting
+LDFLAGS = -lkeyutils
+
+SUBDIRS = modules
+
+prerequisites:
+	sudo apt-get install libkeyutils-dev
+
+clean_subdirs:
+	@for dir in $(SUBDIRS); do \
+		$(MAKE) -C $$dir clean; \
+	done
+
+exploit: exploit.c modules/helper.o modules/pipe.o modules/xattr.o modules/msg_msg.o modules/keyring.o 
+	$(CC) $(CFLAGS) $^ -o $@ $(LIBS) $(INCLUDES) $(LDFLAGS) 
+
+all:
+	$(MAKE) exploit
+
+clean:
+	$(MAKE) clean_subdirs
+	rm -f *.o exploit