CVE-2026-29646

In OpenXiangShan NEMU prior to 55295c4, when running with RVH Hypervisor extension enabled, a VS-mode guest write to the supervisor interrupt-enable CSR sie may be handled incorrectly and can influence machine-level interrupt enable state mie. This breaks privilege/virtualization isolation and ca...

CVE-2025-63384

A vulnerability was discovered in RISC-V Rocket-Chip v1.6 and before implementation where the SRET Supervisor-mode Exception Return instruction fails to correctly transition the processor's privilege level. Instead of downgrading from Machine-mode M-mode to Supervisor-mode S-mode as specified by...

EUVD-2025-50785

A vulnerability was discovered in RISC-V Rocket-Chip v1.6 and before implementation where the SRET Supervisor-mode Exception Return instruction fails to correctly transition the processor's privilege level. Instead of downgrading from Machine-mode M-mode to Supervisor-mode S-mode as specified by...

CVE-2025-63384

A vulnerability was discovered in RISC-V Rocket-Chip v1.6 and before implementation where the SRET Supervisor-mode Exception Return instruction fails to correctly transition the processor's privilege level. Instead of downgrading from Machine-mode M-mode to Supervisor-mode S-mode as specified by...

CVE-2025-63384

CVE-2025-63384 affects RISC-V Rocket-Chip v1.6 and earlier. The SRET instruction fails to downgrade from M-mode to S-mode as dictated by sstatus.SPP, causing a privilege retention vulnerability where execution remains in Machine mode. Impact is described as high confidentiality risk with no repor...

CVE-2025-63384

A vulnerability was discovered in RISC-V Rocket-Chip v1.6 and before implementation where the SRET Supervisor-mode Exception Return instruction fails to correctly transition the processor's privilege level. Instead of downgrading from Machine-mode M-mode to Supervisor-mode S-mode as specified by...

PT-2025-46191

Name of the Vulnerable Software and Affected Versions RISC-V Rocket-Chip versions 1.6 and earlier Description A flaw exists in the handling of the SRET Supervisor-mode Exception Return instruction within the processor. Instead of correctly transitioning from Machine-mode M-mode to Supervisor-mode...

HEVD

SMEP & kASLR Bypassing - HEVD x86 Kernel Exploit !Alt text...

EUVD-2014-7032

Malware in sbrugna...

EUVD-2016-7189

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2023-42752

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer overflow flaw was found in the Linux kernel. This issue leads to the kernel allocating skbsharedinfo in the userspace, which is exploitable in system...

Exploit for Use After Free in Linux Linux_Kernel

This repository contains various kernel exploits for Linux systems. The exploits target different vulnerabilities in the Linux kernel, including: 1. CVE-2016-8655: A Linux AFPACKET race condition exploit that includes KASLR and SMEP bypasses. 2. CVE-2016-9793: A Linux SOSND|RCVBUFFORCE CAPNETADMI...

Enable Kernel SMAP

Supervisor Mode Access Prevention SMAP can be enabled to prevent the kernel from accessing data in user space. If SMAP is not enabled, attackers can access data in user space through kernel-mode code redirection, which increases the attack surface and reduces system security. SMAP is enabled by...

Ensure Kernel SMEP is Enabled

Supervisor Mode Execution Prevention SMEP can be enabled to prevent the user-space code execution on the kernel. If SMEP is not enabled, attackers can execute the user-space code through kernel-mode code redirection, which increases the attack surface and reduces system security. SMEP is enabled ...

SUSE CVE-2021-47430

In the Linux kernel, the following vulnerability has been resolved: x86/entry: Clear X86FEATURESMAP when CONFIGX86SMAP=n Commit 3c73b81a9164 "x86/entry, selftests: Further improve user entry sanity checks" added a warning if AC is set when in the kernel. Commit 662a0221893a3d "x86/entry: Fix AC...

CVE-2021-47566

In the Linux kernel, the following vulnerability has been resolved: proc/vmcore: fix clearing user buffer by properly using clearuser To clear a user buffer we cannot simply use memset, we have to use clearuser. With a virtio-mem device that registers a vmcorecb and has some logically unplugged...

CVE-2023-42752

An integer overflow flaw was found in the Linux kernel. This issue leads to the kernel allocating skbsharedinfo in the userspace, which is exploitable in systems without SMAP protection since skbsharedinfo contains references to function pointers...

UBUNTU-CVE-2023-42752

An integer overflow flaw was found in the Linux kernel. This issue leads to the kernel allocating skbsharedinfo in the userspace, which is exploitable in systems without SMAP protection since skbsharedinfo contains references to function pointers...

SUSE CVE-2014-7156

The x86emulate function in arch/x86/x86emulate/x86emulate.c in Xen 3.3.x through 4.4.x does not check the supervisor mode permissions for instructions that generate software interrupts, which allows local HVM guest users to cause a denial of service guest crash via unspecified vectors...

SUSE CVE-2014-7155

The x86emulate function in arch/x86/x86emulate/x86emulate.c in Xen 4.4.x and earlier does not properly check supervisor mode permissions, which allows local HVM users to cause a denial of service guest crash or gain guest kernel mode privileges via vectors involving an 1 HLT, 2 LGDT, 3 LIDT, or 4...