Linux Distros Unpatched Vulnerability : CVE-2026-46183

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/damon/sysfs-schemes: protect path kfree with damonsysfslock damonsysfsquotgoal-path can be read and written by users, via DAMON sysfs 'path' file. It can als...

A 0-click exploit chain for the Pixel 9 Part 2: Cracking the Sandbox with a Big Wave

Posted by Seth Jenkins With the advent of a potential Dolby Unified Decoder RCE exploit, it seemed prudent to see what kind of Linux kernel drivers might be accessible from the resulting userland context, the mediacodec context. As per the AOSP documentation, the mediacodec SELinux context is...

EUVD-2022-35910

Malicious code in bioql PyPI...

EUVD-2024-20815

Malicious code in bioql PyPI...

Exploit for Use After Free in Google Android

This is a PoC Proof of Concept application demonstrating the power of an Android kernel arbitrary R/W, targeting CVE-2019-2215. The application is designed to exploit this vulnerability, which allows for arbitrary read and write access to the kernel. The exploit is implemented in the native/poc.c...

CVE-2024-23296

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.6, macOS Sonoma 14.4, macOS Ventura 13.6.7, tvOS 17.4, visionOS 1.1, watchOS 10.4. An attacker with arbitrary kernel read and write...

CVE-2024-23225

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5, tvOS 17.4, visionOS 1.1, watchOS 10.4. An attacker with arbitrary kernel read and write...

CVE-2024-23296

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited...

Apple iOS and iPadOS Security Vulnerabilities

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for the iPad tablet computer. A security vulnerability exists in Apple iOS version 17.4 and iPadOS version 17.4, which originates from an...

DEBIAN-CVE-2023-2163

Incorrect verifier pruning in BPF in Linux Kernel =5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape...

kernel: UAF in nftables when nft_set_lookup_global triggered after handling named and anonymous sets in batch requests

A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can lead to performing arbitrary reads and writes in kernel memory. This flaw allows a local user with CAPNETADMIN capability to crash or potentially...

PT-2023-3564 · Linux +9 · Linux Kernel +9

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions =5.4 Description: The issue is related to incorrect verifier pruning in BPF in the Linux Kernel, which leads to unsafe code paths being incorrectly marked as safe. This results in arbitrary read/write in kernel memory,...

CVE-2022-32844

A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication...

Exploit for CVE-2018-8453

cve-2018-8453-exp cve-2018-8453 exp 本程序为cve-2018-8453的利用程序。 开发\测试平台：x86: windows 10 rs2 15063 x64: windos 10 rs2 16299 附： 使用Palette来读写内核 严重声明： 本工具仅用于技术研究学习。非法使用造成一切后果，均与本人无关。...

Exploit for CVE-2018-8453

cve-2018-8453-exp cve-2018-8453 exp This program is a util...

Linux BPF Sign Extension Local Privilege Escalation

Linux kernel prior to 4.14.8 contains a vulnerability in the Berkeley Packet Filter BPF verifier. The checkaluop function performs incorrect sign extension which allows the verifier to be bypassed, leading to arbitrary kernel read/write. The target system must be compiled with BPF support and...

Apple macOS - IOHIDSystem Kernel ReadWrite

Apple macOS - IOHIDSystem Kernel ReadWrite Sources: https://siguza.github.io/IOHIDeous/ https://github.com/Siguza/IOHIDeous/ IOHIDeous A macOS kernel exploit based on an IOHIDFamily 0day. Write-up here: https://siguza.github.io/IOHIDeous/ Notice The prefetch timing attack I'm using for hid for so...