22286 matches found
copyfail
Copy Fail TL;DR $ curl https://git.dc09.xyz/DarkCat09/...
Copy Fail AF_ALG + authencesn Page-Cache Write
CVE-2026-31431 is a logic flaw in the Linux kernel's authencesn AEAD template that, when reached via the AFALG socket interface combined with splice, allows an unprivileged local user to perform a controlled 4-byte write into the page cache of any readable file. Because the corrupted pages are...
Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel
CVE-2026-31431 — Copy Fail Linux Privilege Escalation Ov...
CVE-2026-42472
Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The session and cache handlers use unserialize on data from Redis in the RedisHandler object...
CVE-2026-42473
Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The session and cache handlers use unserialize on data from the filesystem in the FileHandler object...
Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel
This is a public Proof-of-Concept PoC for CVE-2026-31431 "Cop...
CVE-2026-22167 GPU DDK - Cache resident PM buffers writable by other GPU requestors, leading to arbitrary write to physical memory
Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel an...
Exploit for Missing Authentication for Critical Function in Cpanel
CVE-2026-41940: cPanel/WHM Authentication Bypass Disclaim...
CVE-2026-31702
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix use-after-free of sbi in f2fscompresswriteendio In f2fscompresswriteendio, decpagecountsbi, type can bring the F2FSWBCPDATA counter to zero, unblocking f2fswaitonallpages in f2fsputsuper on a concurrent unmount CPU. The...
CVE-2026-31694
In the Linux kernel, the following vulnerability has been resolved: fuse: reject oversized dirents in page cache fuseadddirenttocache computes a serialized dirent size from the server-controlled namelen field and copies the dirent into a single page-cache page. The existing logic only checks...
CVE-2026-43026
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: zero expect NAT fields when CTAEXPECTNAT absent ctnetlinkallocexpect allocates expectations from a non-zeroing slab cache via nfctexpectalloc. When CTAEXPECTNAT is not present in the netlink message, savedad...
EUVD-2026-26511
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix use-after-free of sbi in f2fscompresswriteendio In f2fscompresswriteendio, decpagecountsbi, type can bring the F2FSWBCPDATA counter to zero, unblocking f2fswaitonallpages in f2fsputsuper on a concurrent unmount CPU. The...
CVE-2026-31702
Summary of CVE-2026-31702 details from connected docs: The vulnerability is in the Linux kernel’s f2fs compression path. In f2fs_compress_write_end_io(), dec_page_count(sbi, type) could decrement the F2FS_WB_CP_DATA counter to zero while a concurrent unmount is unrolling, leading to a use-after-f...
CVE-2026-31702 f2fs: fix use-after-free of sbi in f2fs_compress_write_end_io()
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix use-after-free of sbi in f2fscompresswriteendio In f2fscompresswriteendio, decpagecountsbi, type can bring the F2FSWBCPDATA counter to zero, unblocking f2fswaitonallpages in f2fsputsuper on a concurrent unmount CPU. The...
CVE-2026-31694
In the Linux kernel, the following vulnerability has been resolved: fuse: reject oversized dirents in page cache fuseadddirenttocache computes a serialized dirent size from the server-controlled namelen field and copies the dirent into a single page-cache page. The existing logic only checks...
CVE-2026-31694
Summary: CVE-2026-31694 fixes a Linux kernel FUSE directory-entry handling flaw. A malicious FUSE server could cause a 24-byte overflow by returning a dirent whose serialized size (based on namelen) exceeds a single PAGE_SIZE. The bug arises in fuse_add_dirent_to_cache(), which previously only ch...
CVE-2026-31694
In the Linux kernel, the following vulnerability has been resolved: fuse: reject oversized dirents in page cache fuseadddirenttocache computes a serialized dirent size from the server-controlled namelen field and copies the dirent into a single page-cache page. The existing logic only checks...
CVE-2026-31694 fuse: reject oversized dirents in page cache
In the Linux kernel, the following vulnerability has been resolved: fuse: reject oversized dirents in page cache fuseadddirenttocache computes a serialized dirent size from the server-controlled namelen field and copies the dirent into a single page-cache page. The existing logic only checks...
EUVD-2026-26503
In the Linux kernel, the following vulnerability has been resolved: fuse: reject oversized dirents in page cache fuseadddirenttocache computes a serialized dirent size from the server-controlled namelen field and copies the dirent into a single page-cache page. The existing logic only checks...
Exploit for CVE-2026-31431
Copy Fail — CVE-2026-31431 CVE-2026-31431 Copy Fail is a lo...