A heap out-of-bounds write affecting Linux since version 2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a denial of service (via heap memory corruption) through user name space. Kernels up to and including 5.11 are vulnerable.
7caefc49d920cc0b0d58e9ad762b7ffbd02e62e1e3225217c8586f8867ea42e8
A heap out-of-bounds write affecting the Linux kernel since version 2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a denial of service condition (via heap memory corruption) through user name space.
43ba43820c567d536530e6cefcfcebfdd790ebc48dc3c00634126ad08fb0dfbf
Linux kernel version 5.4 BleedingTooth bluetooth zero-click proof of concept remote code execution exploit.
5108c67d6fbb60138d1ac3f7b89fb015439b9afd13c3fb0e06991d6195d956ac
This Metasploit module exploits a race and use-after-free vulnerability in the FreeBSD kernel IPv6 socket handling. A missing synchronization lock in the IPV6_2292PKTOPTIONS option handling in setsockopt permits racing ip6_setpktopt access to a freed ip6_pktopts struct. This exploit overwrites the ip6po_pktinfo pointer of a ip6_pktopts struct in freed memory to achieve arbitrary kernel read/write.
00b0e1e6a5651af403765318e00556b0c8953f9ef2bbda38acb929b269045b6a