exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

Linux TIOCSPGRP Broken Locking
Posted Dec 22, 2020
Authored by Jann Horn, Google Security Research

Linux suffers from broken locking in TIOCSPGRP that can lead to a corrupted refcount.

tags | exploit
systems | linux
advisories | CVE-2020-29661
SHA-256 | 3d16d56ff43c2ab3355f19116f22e1a94fc89347899d1d2c15556ab0e4b4191b

Related Files

Linux Broken Unix GC Interaction Use-After-Free
Posted Jan 12, 2024
Authored by Jann Horn, Google Security Research

Linux suffers from an io_uring use-after-free vulnerability due to broken unix GC interaction.

tags | exploit
systems | linux, unix
advisories | CVE-2022-2602, CVE-2023-6531
SHA-256 | f69e0977a025727662a99855b4620c72daf61a181fc942af121b5a2aba667456
Linux DCCP Information Leak
Posted Oct 16, 2023
Authored by Jann Horn, Google Security Research

Linux suffers from a small remote binary information leak in DCCP.

tags | exploit, remote
systems | linux
SHA-256 | 8f509db352a5daf100520971c2666cea99bc2b733614a6fbd107c438f44733be
Linux PT_SUSPEND_SECCOMP Permission Bypass / Ptracer Death Race
Posted Jan 3, 2023
Authored by Jann Horn, Google Security Research

Linux suffers from two seccomp bugs with a PT_SUSPEND_SECCOMP permission bypass and ptracer death race condition.

tags | exploit
systems | linux
advisories | CVE-2022-30594
SHA-256 | 6d7f253f354c0c71a5692bbeb6bcd2a20b50e96fc05afeda0286131716d7b406
Linux 3.19 anon_vma Use-After-Free
Posted Oct 6, 2022
Authored by Jann Horn, Google Security Research

Linux suffers from an anon_vma use-after-free vulnerability through the bogus merge of VMAs caused by double-reuse of leaf anon_vma because of ->degree misinterpretation.

tags | exploit
systems | linux
SHA-256 | e27e13af66dddafc7e4588c3b561b058fe6859b4fbc060de1741e0003a7d5b45
Linux PT_SUSPEND_SECCOMP Permission Bypass / Death Race
Posted May 9, 2022
Authored by Jann Horn, Google Security Research

Linux suffers from two bugs in PT_SUSPEND_SECCOMP. One allows for permission bypass and the other relates to a ptracer death race.

tags | exploit
systems | linux
SHA-256 | 090e7e5a723be850497afe230306c956241cce0eb429877bf07e8c0f06eb2a40
Linux FUSE Use-After-Free
Posted Apr 19, 2022
Authored by Jann Horn, Google Security Research

Linux suffers from a vulnerability where FUSE allows use-after-free reads of write() buffers, allowing theft of (partial) /etc/shadow hashes.

tags | exploit
systems | linux
advisories | CVE-2022-1011
SHA-256 | 2013a523f6140f5f94778f15578c0f1d52f0a0bddd81e46cc48963fbe8fd4efb
Linux Garbage Collection Memory Corruption
Posted Jan 10, 2022
Authored by Jann Horn, Google Security Research

Linux suffers from a garbage collection memory corruption vulnerability by resurrecting a file reference through RCU.

tags | exploit
systems | linux
advisories | CVE-2021-4083
SHA-256 | 638d1db3f45bcd59a8ce424b7eb6551bbe0ff49ecd4eb9c767f096560f4687de
Linux SELinux PTRACE_TRACEME Handler Use-After-Free
Posted Oct 26, 2021
Authored by Jann Horn, Google Security Research

Linux suffers from a use-after-free read in the SELinux handler for PTRACE_TRACEME.

tags | exploit
systems | linux
SHA-256 | 796440de4a29bc2603d127196092fc9ccdd7e9044bbb208b4660cc96ceeb0dcd
Linux sendmsg() Privilege Escalation
Posted Dec 16, 2019
Authored by Jann Horn, Google Security Research

Linux suffers from a privilege escalation vulnerability via io_uring offload of sendmsg() onto kernel thread with kernel creds.

tags | exploit, kernel
systems | linux
advisories | CVE-2019-19241
SHA-256 | a834b29ddf4d2217f0c133698262209db2f3b93925e28fd750acde84f14c06eb
Linux show_numa_stats() Use-After-Free
Posted Aug 8, 2019
Authored by Jann Horn, Google Security Research

Linux suffers from use-after-free read vulnerabilities in show_numa_stats().

tags | exploit, vulnerability
systems | linux
SHA-256 | 7daf0340da4a54780b2816f43fc842a167e5ce5eecd0e0c90c87101a262a8f9e
Linux PTRACE_TRACEME Broken Permission / Object Lifetime Handling
Posted Jul 16, 2019
Authored by Jann Horn, Google Security Research

Linux suffers from broken permission and object lifetime handling for PTRACE_TRACEME.

tags | exploit
systems | linux
advisories | CVE-2019-13272
SHA-256 | 30dafcd01fe3416a51e40e4a4f49ab60f981e89f93b9635b6199d3e4fa21fde9
Linux Race Condition Use-After-Free
Posted Jun 20, 2019
Authored by Jann Horn, Google Security Research

Linux suffers from a use-after-free via a race condition between modify_ldt() and #BR exception.

tags | exploit
systems | linux
SHA-256 | 1fcbfa390531a70742295db73f9e7ff8f089236459ea40c9adc0d8c41303b3d3
Linux Missing Lockdown
Posted Apr 29, 2019
Authored by Jann Horn, Google Security Research

Linux suffers from a missing locking between ELF coredump code and userfaultfd VMA modification.

tags | exploit
systems | linux
advisories | CVE-2019-11599
SHA-256 | 673a7d5b5c8c34c1c31d9a3eff1b04dbcf78b701cc9cca3e53ef0c155170313f
Linux Overflow Via FUSE
Posted Apr 23, 2019
Authored by Jann Horn, Google Security Research

Linux suffers from a page->_refcount overflow via FUSE with ~140GiB RAM usage.

tags | exploit, overflow
systems | linux
SHA-256 | 8f223059c2e0c5c532eddc4777ac58f752854b9d67abeac1f06d8d9bf6855b94
Linux SNMP NAT Module Out-Of-Bounds Read/Write
Posted Feb 25, 2019
Authored by Jann Horn, Google Security Research

Linux suffers from out-of-bounds read and write vulnerabilities in the SNMP NAT module.

tags | exploit, vulnerability
systems | linux
SHA-256 | 7bd49b3bb3d086c38ebc75bb8575f700166986bda831d3c8b3ef390d3ddb262f
Linux systemd Symlink Dereference Via chown_one()
Posted Oct 26, 2018
Authored by Jann Horn, Google Security Research

Linux suffers from an issue with systemd where chown_one() can dereference symlinks.

tags | exploit
systems | linux
advisories | CVE-2018-15687
SHA-256 | d697c36e79f99a67f9cd338b7bd29e048c68c6bb76813a6a4825722f969d23a4
Linux Semi-Arbitrary Task Stack Read On ARM64 / x86
Posted Oct 18, 2018
Authored by Jann Horn, Google Security Research

Linux suffers from a semi-arbitrary task stack read on ARM64 (and x86) via /proc/$pid/stack.

tags | advisory, arbitrary, x86
systems | linux
SHA-256 | aa57cf6a492d7f45505fa3498cb8e656f5d02f443b0cde3a3cb505708affcfc3
Linux create_elf_tables() Integer Overflow
Posted Sep 26, 2018
Authored by Qualys Security Advisory

Linux suffers from an integer overflow vulnerability in create_elf_tables(). Multiple exploits provided.

tags | exploit, overflow
systems | linux
advisories | CVE-2018-14634
SHA-256 | 96f76be0c1dab33a40b6145fd293ceab661f631350fcf639a1e4bdb1faedbb92
Linux VMA Use-After-Free
Posted Sep 26, 2018
Authored by Jann Horn, Google Security Research

Linux suffers from a VMA use-after-free vulnerability via a buggy vmacache_flush_all() fastpath.

tags | exploit
systems | linux
advisories | CVE-2018-17182
SHA-256 | e61f826cfebf3e7bf6eb9726e31779f1707a0644cc3e2a4e3c0865759d272ace
Linux dmesg Arbitrary Kernel Read
Posted Sep 13, 2018
Authored by Jann Horn, Google Security Research

Linux suffers from an arbitrary kernel read into dmesg via a missing address check in the segfault handler.

tags | advisory, arbitrary, kernel
systems | linux
SHA-256 | d3543609cf07f5bc3c6ff63fec8e66a77587ae2ca18d384c4afa15317c5fc42f
Linux Insufficient Shootdown For Paging-Structure Caches
Posted Sep 11, 2018
Authored by Jann Horn, Google Security Research

Linux suffers from an insufficient shootdown for paging-structure caches.

tags | exploit
systems | linux
SHA-256 | 32e5a4bd6f757fe452ac7e750d0af567a328b2a378460854b5ae256e468c4523
Linux reiserfs listxattr_filler() Heap Overflow
Posted Aug 31, 2018
Authored by Jann Horn, Google Security Research

Linux suffers from a reiserfs listxattr_filler() heap overflow vulnerability.

tags | exploit, overflow
systems | linux
SHA-256 | bda8cff2fd8a8c683d0b06a45887982f218af840ef2b2e66113c85ebc43d76eb
Linux 4-Byte Information Leak
Posted May 18, 2018
Authored by Jann Horn, Google Security Research

Linux suffers from a 4-byte information leak via an uninitialized struct field in the compat adjtimex syscall.

tags | exploit
systems | linux
SHA-256 | 50d39995adad3a015a3b94c0d7b5e9f1f194e700f189b736aefca07019347f73
Sudo get_process_ttyname() Race Condition
Posted Jun 2, 2017
Site qualys.com

Sudo's get_process_ttyname() on Linux suffers from a race condition that allows for root privilege escalation.

tags | exploit, root
systems | linux
advisories | CVE-2017-1000367
SHA-256 | fedac891bbdaf97f55757b635d5ae075843da48925d762d5149a49ade19918cd
McAfee Virus Scan Enterprise For Linux Remote Code Execution
Posted Dec 14, 2016
Authored by Andrew Fasano

McAfee Virus Scan Enterprise for Linux suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution, virus
systems | linux
advisories | CVE-2016-8016, CVE-2016-8017, CVE-2016-8018, CVE-2016-8019, CVE-2016-8020, CVE-2016-8021, CVE-2016-8022, CVE-2016-8023, CVE-2016-8024, CVE-2016-8025
SHA-256 | 26d7834cf5815b1060880e6f39aced196e9baa8ba2abaefb8044358b1c90a16b
Page 1 of 4
Back1234Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close