pawnyable.cafeDouble Fetch (LK03 - Dexter)
April 21, 2026
•
Medium
Linux Kernel ExploitationCVE-2022-4543 > Experimenting with EntryBleed - A Universal KASLR Bypass against KPTI on Linux
Trampoline region trong KPTI user page table bị cached vào TLB, cho phép dò KASLR offset từ userspace qua prefetch side-channel.
April 18, 2026
•
nday
OthersCVE-2025-53630 & CVE-2026-27940 > Heap-based buffer overflow via Integer overflow in llama.cpp GGUF parser
Không kiểm tra tràn số khi tính tổng kích thước cần cấp phát gây heap OOB read/write.
March 29, 2026
•
nday
Linux Privilege EscalationCVE-2021-3156 > Exploiting heap-based buffer overflow in sudo for privilege escalation
Improper handling of escaped space leads to copying data pass null terminator, causing buffer overflow on the heap.
March 19, 2026
•
nday
pwnable.twcriticalheap
User được setenv() tuỳ ý.
March 10, 2026
•
Easy
5 latest posts. Hover on the left to see more.
The end.