# cve-toolkit

A lightweight CVE detection toolkit for Linux systems.

## Detected Vulnerabilities

| CVE | Alias | Details |
| --- | --- | --- |
| [CVE-2016-5195](https://nvd.nist.gov/vuln/detail/CVE-2016-5195) | dirtycow | Privileged page-cache write via COW race (`pokedata` + `procmem` variants) |
| [CVE-2026-31431](https://www.cve.org/CVERecord?id=CVE-2026-31431) | CopyFail | Kernel crypto initialization bypass via `algif_aead` |
| [CVE-2026-43284](https://www.cve.org/CVERecord?id=CVE-2026-43284) | DirtyFrag | xfrm-ESP page-cache write LPE |
| [CVE-2026-46333](https://nvd.nist.gov/vuln/detail/CVE-2026-46333) | ssh-keysign-pwn | `pidfd_getfd` FD theft via mm-NULL dumpable bypass |

## Build

```bash
make
```

## Usage

```bash
./cve-toolkit            # Run all detectors
./cve-toolkit -v         # Run with verbose exploit logging
./cve-toolkit --license  # Print license and exit
./cve-toolkit --help     # Show help
```

The tool runs all bundled detectors, reports `[pass]`/`[fail]` per check to stderr, prints detected CVE IDs to stdout, and shows remediation steps. The exit code is `0` if every check passes and `1` if any vulnerability is found.

## Adding Detectors

Detectors live under `src/detector/`. Each `.c` file registers itself at startup via a `__attribute__((constructor))` function:

```c
int detector_cve_XXXX_XXXXX(struct cve_context *ctx) {
    // Perform the check here; return 0 for pass, non-zero for fail.
    (void)ctx;
    return 0;
}

// Runs before main() and adds the detector to the queue.
__attribute__((constructor))
void detector_cve_XXXX_XXXXX_setup(void) {
    detector_queue_append("CVE-XXXX-XXXXX", "Nickname", "Remediation text here.", detector_cve_XXXX_XXXXX);
}
```

Then just run `make`; the Makefile picks up all `.c` files automatically.
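The registration flow described under Adding Detectors, as a self-contained sketch added here (not the project's own code). The queue, `detector_queue_count`, `detector_queue_run`, the `kernel_release` field and the `CVE-0000-00000` detector are stand-ins made up for illustration; only the `detector_queue_append` argument order and the pass/fail convention come from the README.

```c
#include <stdio.h>

/* Stand-in for the project's context type; this field is an assumption. */
struct cve_context { const char *kernel_release; };
typedef int (*detector_fn)(struct cve_context *);
struct detector { const char *id, *name, *fix; detector_fn fn; };

#define MAX_DETECTORS 32
static struct detector queue[MAX_DETECTORS]; /* zero-initialised before constructors run */
static int queue_len;

/* Stand-in registry using the argument order shown in the README. */
void detector_queue_append(const char *id, const char *name,
                           const char *fix, detector_fn fn) {
    if (queue_len < MAX_DETECTORS)
        queue[queue_len++] = (struct detector){ id, name, fix, fn };
}
int detector_queue_count(void) { return queue_len; }

/* Run every detector: [pass]/[fail] to stderr, failing IDs to stdout. */
int detector_queue_run(struct cve_context *ctx) {
    int found = 0;
    for (int i = 0; i < queue_len; i++) {
        int failed = queue[i].fn(ctx) != 0;
        fprintf(stderr, "[%s] %s (%s)\n", failed ? "fail" : "pass",
                queue[i].id, queue[i].name);
        if (failed) {
            printf("%s\n", queue[i].id);
            fprintf(stderr, "  remediation: %s\n", queue[i].fix);
            found = 1;
        }
    }
    return found; /* used as the exit code: 0 clean, 1 vulnerable */
}

/* Constructed detector: fails when the release's major version is below 5. */
int detector_cve_0000_00000(struct cve_context *ctx) {
    int major = 0;
    if (sscanf(ctx->kernel_release, "%d.", &major) != 1)
        return 1; /* unparsable release string: fail closed */
    return major < 5;
}
__attribute__((constructor)) /* runs before main(), so the runner never names it */
void detector_cve_0000_00000_setup(void) {
    detector_queue_append("CVE-0000-00000", "Example",
                          "Upgrade the kernel.", detector_cve_0000_00000);
}

int main(void) {
    struct cve_context ctx = { "6.1.0-constructed" }; /* constructed input */
    return detector_queue_run(&ctx);
}
```

Because each detector registers from its own constructor, the runner has no central list to edit when a new file is added; registration order across files is not guaranteed, so detectors should not depend on each other.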