CVE-2026-48066

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/log.c contains a process-wide static pointer that is written on every PAM invocation with the address of a stack-local variable. This violates the PAM re-entrancy requirement and creates a data...

UBUNTU-CVE-2026-45959

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree Annotating a local pointer variable, which will be assigned with the kmalloc-family functions, with the cleanupkfree attribute will make the address of the local...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incorrect use of the cleanupkfree attribute in the crypto/ccp driver. This improper usage...

Cista 代码问题漏洞

Cista is a C++ data serialization and reflection tool developed by Felix Gündling. Versions of Cista prior to 0.15 contained code vulnerabilities. These vulnerabilities stemmed from unsafe deserialization of untrusted inputs, which could lead to stack address leaks and bypassing ASLR protection...

CVE-2022-23467

OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. Using a modified USB device an attacker can leak stack addresses of the razerattrreaddpistages, potentially bypassing KASLR. To exploit this vulnerability an attacker would...

EUVD-2025-201195

In the Linux kernel, the following vulnerability has been resolved: Input: imxsckey - fix memory corruption on unload This is supposed to be "priv" but we accidentally pass "&priv" which is an address in the stack and so it will lead to memory corruption when the imxsckeyaction function is called...

CVE-2025-40262

In CVE-2025-40262, the Linux kernel is affected by a memory corruption issue in the imx_sc_key flow. The root cause is passing an address (&priv) of a stack variable instead of the intended priv in imx_sc_key_action(), leading to memory corruption on unload. The description indicates the fix is t...

EUVD-2018-11641

Malware in sbrugna...

EUVD-2022-28533

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2021-47069

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry domqtimedreceive...

CVE-2025-38445 md/raid1: Fix stack memory use after return in raid1_reshape

In the Linux kernel, the following vulnerability has been resolved: md/raid1: Fix stack memory use after return in raid1reshape In the raid1reshape function, newpool is allocated on the stack and assigned to conf-r1biopool. This results in conf-r1biopool.wait.head pointing to a stack address...

welpwn

Introduction Pwnning is an art. welpwn is designed to make pwnning an art, freeing you from dozens of meaningless jobs. Features - Automatically get those magic values for you. - libc address - heap address - stack address - program address with PIE - canary - Support multi glibc debugging. - 2.1...

CVE-2024-58008 KEYS: trusted: dcp: fix improper sg use with CONFIG_VMAP_STACK=y

In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: dcp: fix improper sg use with CONFIGVMAPSTACK=y With vmalloc stack addresses enabled CONFIGVMAPSTACK=y DCP trusted keys can crash during en- and decryption of the blob encryption key via the DCP crypto driver. This...

CVE-2024-47666 scsi: pm80xx: Set phy->enable_completion only when we wait for it

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy-enablecompletion only when we wait for it pm8001phycontrol populates the enablecompletion pointer with a stack address, sends a PHYLINKRESET / PHYHARDRESET, waits 300 ms, and returns. The problem arises when...

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to properly synchronize the processing of PHY control responses, resulting in accessing a stack...

SUSE CVE-2021-47069

In the Linux kernel, the following vulnerability has been resolved: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry domqtimedreceive calls wqsleep with a stack local address. The sender domqtimedsend uses this address to later call pipelinedsend. This leads to a very hard...

UBUNTU-CVE-2021-47069

In the Linux kernel, the following vulnerability has been resolved: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry domqtimedreceive calls wqsleep with a stack local address. The sender domqtimedsend uses this address to later call pipelinedsend. This leads to a very hard...

CVE-2022-23467

OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. Using a modified USB device an attacker can leak stack addresses of the razerattrreaddpistages, potentially bypassing KASLR. To exploit this vulnerability an attacker would...

CVE-2022-23467 Out of Bounds Read in OpenRazer Driver

OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. Using a modified USB device an attacker can leak stack addresses of the razerattrreaddpistages, potentially bypassing KASLR. To exploit this vulnerability an attacker would...

CVE-2022-23467

OpenRazer CVE-2022-23467 affects the OpenRazer Linux driver/daemon. The vulnerability is an out-of-bounds read in the razer_attr_read_dpi_stages that can leak stack addresses and potentially bypass KASLR. Exploitation requires access to a user’s keyboard/mouse or convincing the user to use a modi...