342 matches found
dirtyfrag
Dirty Frag Overview Dirty Frag is a class of Linux ke...
-authencesn-poc
authencesn-poc Mrowl made by c0redev https://unitdev.run...
Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel
Copy Fail — Python PoC CVE-2026-31431 This is a compact Pyt...
Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel
copy-fail CVE-2026-31431 Copy Fail – a C language PoC,...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: net/smc: fixed a warning in smcrxsplice, when calling getpage The smcloregisterdmb function allocates DMB buffers using kzalloc, which are later passed to getpage in smcrxsplice. Since kmalloc memory is not page-backed, this...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: fuse: We are returning to using readaheadfolio for readahead. In commit 3eab9d7bc2f4 “fuse: converting readahead to use folio, the logic was changed to use the new folio version of readahead. This removes the reference to the fol...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iouring/cmdnet: fixed incorrect argument types for skbqueuesplice. If retrying timestamp retrieval is necessary and the local list of SKBs already contains entries, then those entries are spliced back into the socket queue...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: ipv4, ipv6: Fixed the handling of transhdrlen in ip,6appenddata. Including transhdrlen in the packet length is a problem when the packet is partially filled e.g., a sendMSGMORE operation occurred previously when appending to a...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fixed the byte count in sendmsg in siwtcpsendpages. Since the commit c2ff29e99a76 “siw: Inline dotcpsendpages”, we have been fixing this issue as follows: c static int siwtcpsendpagesstruct socket s, struct page page, i...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: nfsd: Do not replace a page in the rqpages array if it is a continuation of the last page. The splice read function calls nfsdspliceactor to place the pages containing file data into the svcrqst-rqpages array. However, it is...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: exfat: fixed the missing shutdown check. The xfstests generic/730 test failed because, after deleting a device that still contained dirty data, the file could still be read without returning an error. The reason is the missing...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: tls: Fixed a NULL dereference issue in tlsswspliceeof, where an empty plaintext/ciphertext buffer could cause confusion in the send path, as the empty ciphertext buffer did not have enough space for encryption overhead. This led ...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Net: Do not write to msggetinq in the callee. This fix addresses the issue of NULL pointer dereferencing. msggetinq is an input field from the caller to the callee. Do not set it in the callee, as the caller may not clear it duri...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: netfs: Fixed error handling for unbuffered writes If all subrequests in an unbuffered write stream fail, the subrequest collector does not update the stream-transferred value, and it retains its initial LONGMAX value...
Exploit for Write-what-where Condition in Linux Linux_Kernel
Dirty Frag - kernel Linux critical Vulnerability- CVE-2026-432...
Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel
CVE-2026-31431 - Linux Kernel AFALG "Copy Fail" Local Privile...
Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel
copyfail — CVE-2026-31431 4-byte page-cache write primitive →...
Copy.Fail Linux Vulnerability
This is the worst Linux vulnerability in years. TL;DR copy.fail is a Linux kernel local privilege escalation, not a browser or clipboard attack. Disclosed by Theori on 29 April 2026 with a working PoC. It abuses the kernel crypto API AFALG sockets plus splice to write four bytes at a time straigh...
EUVD-2026-29037
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpcinputcallevent and the RESPONSE handler in rxrpcverifyresponse copy the skb to a linear one before calling into the security o...
CVE-2026-43500 rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpcinputcallevent and the RESPONSE handler in rxrpcverifyresponse copy the skb to a linear one before calling into the security o...