Vagrantfile

Vagrant.configure("2") do |config|
  config.vm.box = "ubuntu/focal64"
  config.vm.provision :docker
  config.vm.network "private_network", ip: "192.168.56.11"
  config.vm.synced_folder ".", "/home/vagrant/demo", create: true
  config.ssh.extra_args = ["-t", "cd /home/vagrant/demo; bash --login"]
  config.vm.provider "virtualbox" do |v|
    v.memory = 8192
    v.cpus = 2
  end

  config.vm.provision "shell", inline: <<-SHELL
      cd /home/vagrant/demo

      apt-get update
      apt-get install -y build-essential clang conntrack libelf-dev net-tools linux-headers-5.8.0-48-generic linux-image-5.8.0-48-generic linux-modules-5.8.0-48-generic linux-tools-5.8.0-48-generic socat conntrack g++-multilib

      # build the exploit
      gcc -m32 -static -o cve-2021-22555 security-research/pocs/linux/cve-2021-22555/exploit.c

      # Install crictl
      VERSION="v1.22.0"
      wget https://github.com/kubernetes-sigs/cri-tools/releases/download/$VERSION/crictl-$VERSION-linux-amd64.tar.gz
      sudo tar zxvf crictl-$VERSION-linux-amd64.tar.gz -C /usr/local/bin
      rm -f crictl-$VERSION-linux-amd64.tar.gz
  SHELL

  # trigger reload to boot Linux 5.8.0-48-generic
  config.vm.provision :reload
end