io.mosip.kernel:kernel-config-server (>=1.2.1-rc1 <=1.3.1-rc.1), org.apereo.cas:cas-server-support-configuration-cloud-amqp (>=7.0.0 <=7.1.6.2) +5 more potentially affected by CVE-2026-41004 via org.springframework.cloud:spring-cloud-config-server (>=4.1.0 <=4.1.7)

org.springframework.cloud:spring-cloud-config-server MAVEN version =4.1.0, =1.2.1-rc1, =7.0.0, =7.0.0, =4.1.0, =3.1.0, =3.1.6 Source cves: CVE-2026-41004 Source advisory: OSV:GHSA-J6HH-H3CF-C2HF...

io.mosip.kernel:kernel-config-server (>=1.2.1-rc1 <=1.3.1-rc.1), org.apereo.cas:cas-server-support-configuration-cloud-amqp (>=7.0.0 <=7.1.6.2) +5 more potentially affected by CVE-2026-40982 via org.springframework.cloud:spring-cloud-config-server (>=4.1.0 <=4.1.7)

org.springframework.cloud:spring-cloud-config-server MAVEN version =4.1.0, =1.2.1-rc1, =7.0.0, =7.0.0, =4.1.0, =3.1.0, =3.1.6 Source cves: CVE-2026-40982 Source advisory: OSV:GHSA-6G23-24MC-HX6X...

io.mosip.kernel:kernel-config-server (>=1.2.1-rc1 <=1.3.1-rc.1), org.apereo.cas:cas-server-support-configuration-cloud-amqp (>=7.0.0 <=7.1.6.2) +5 more potentially affected by CVE-2026-41002 via org.springframework.cloud:spring-cloud-config-server (>=4.1.0 <=4.1.7)

org.springframework.cloud:spring-cloud-config-server MAVEN version =4.1.0, =1.2.1-rc1, =7.0.0, =7.0.0, =4.1.0, =3.1.0, =3.1.6 Source cves: CVE-2026-41002 Source advisory: OSV:GHSA-86WQ-234Q-R6WG...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 check Quick, read-only checker for the algif...

Kernel-Exploitation

🏆 Ultimate Master Guide: Kernel Exploit Labs Welcome to the b...

CVE-2025-10010 Integrity Validation Bypass in CryptoPro Secure Disk for BitLocker

The CPSD CryptoPro Secure Disk application boots a small Linux operating system to perform user authentication before using BitLocker to decrypt the Windows partition. The system is located on a separate unencrypted partition which can be reached by anyone with access to the hard disk. Multiple...

Exploit for CVE-2023-4130

README This repo accompanies my research article Eternal-Tux...

Linux Distros Unpatched Vulnerability : CVE-2024-41027

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Fix userfaultfdapi to return EINVAL as expected Currently if we request a feature that is not set in the Kernel config we fail silently and return all the...

CVE-2024-41027 Fix userfaultfd_api to return EINVAL as expected

In the Linux kernel, the following vulnerability has been resolved: Fix userfaultfdapi to return EINVAL as expected Currently if we request a feature that is not set in the Kernel config we fail silently and return all the available features. However, the man page indicates we should return an...

CVE-2021-47430

In the Linux kernel, the following vulnerability has been resolved: x86/entry: Clear X86FEATURESMAP when CONFIGX86SMAP=n Commit 3c73b81a9164 "x86/entry, selftests: Further improve user entry sanity checks" added a warning if AC is set when in the kernel. Commit 662a0221893a3d "x86/entry: Fix AC...

CVE-2021-47430 x86/entry: Clear X86_FEATURE_SMAP when CONFIG_X86_SMAP=n

In the Linux kernel, the following vulnerability has been resolved: x86/entry: Clear X86FEATURESMAP when CONFIGX86SMAP=n Commit 3c73b81a9164 "x86/entry, selftests: Further improve user entry sanity checks" added a warning if AC is set when in the kernel. Commit 662a0221893a3d "x86/entry: Fix AC...

CVE-2021-47178

In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Avoid smpprocessorid in preemptible code The BUG message "BUG: using smpprocessorid in preemptible 00000000 code" was observed for TCMU devices with kernel config DEBUGPREEMPT. The message was observed when...

CVE-2021-47178

CVE-2021-47178 : Linux kernel vulnerability where smp_processor_id() was used in preemptible SCSI host work paths (target_core/tcm_loop), triggering a BUG: using smp_processor_id() in preemptible code on TCMU devices configured with DEBUG_PREEMPT. The symptom occurred during blktests (block/005) ...

CVE-2021-47178 scsi: target: core: Avoid smp_processor_id() in preemptible code

In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Avoid smpprocessorid in preemptible code The BUG message "BUG: using smpprocessorid in preemptible 00000000 code" was observed for TCMU devices with kernel config DEBUGPREEMPT. The message was observed when...

CVE-2021-47178 scsi: target: core: Avoid smp_processor_id() in preemptible code

In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Avoid smpprocessorid in preemptible code The BUG message "BUG: using smpprocessorid in preemptible 00000000 code" was observed for TCMU devices with kernel config DEBUGPREEMPT. The message was observed when...

Linux - Missing Locking in Siemens R3964 Line Discipline Race Condition

/ The Siemens R3964 line discipline code in drivers/tty/nr3964.c has a few races around its ioctl handler; for example, the handler for R3964ENABLESIGNALS just allocates and deletes elements in a linked list with zero locking. This code is reachable by an unprivileged user if the line discipline ...

openSUSE Security Update : tboot (openSUSE-2017-1308)

This update for tboot fixes the following issues : Security issues fixed : - CVE-2017-16837: Fix tbootfailed to validate a number of immutable function pointers, which could allow an attacker to bypass the chain of trust and execute arbitrary code boo1068390. - Make tboot package compatible with...

openSUSE: Security Advisory for tboot (openSUSE-SU-2017:3100-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...