113 bytes small Linux/x64 anti-debug trick (INT3 trap) with execve("/bin/sh") shellcode that is NULL free.

Linux futex+VFS suffers from an improper inode reference in get_futex_key() that causes a use-after-free if the superblock goes away.

Linux 5.6 has an issue with IORING_OP_MADVISE racing with coredumping.

129 bytes small Linux/x86_64 bind (4444/TCP) shell (/bin/sh) + password (pass) shellcode.

157 bytes small Linux/MIPS64 reverse (localhost:4444/TCP) shell shellcode.

120 bytes small Linux/x86_64 reverse (127.0.0.1:4444/TCP) shell (/bin/sh) + password (pass) shellcode.

Linux/x86 TCP reverse shell 127.0.0.1 nullbyte free shellcode.

53 bytes small Linux/x86 bind TCP port 43690 null-free shellcode.

188 bytes small Lnux/x64 reverse TCP stager shellcode.

Proof of concept code that demonstrates an ASLR bypass of PIE compiled 64bit Linux.

The release of this advisory provides exploitation details in relation a weakness in the Linux ASLR implementation. The problem appears when the executable is PIE compiled and it has an address leak belonging to the executable. These details were obtained through the Packet Storm Bug Bounty program and are being released to the community.

Mandriva Linux Security Advisory 2013-271 - The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and earlier, allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_depend##### temporary file, related to bsd.lib.mk and bsd.prog.mk.

This is a tool that generates a Linux kernel module for custom rules with Netfilter hooking to block ports, run in hidden mode, perform rootkit functions, etc.

HAP-Linux is a collection of security related patches which are designed to be applied after Solar Designers Openwall patches are installed. Changes include some extra information in the printks, and the ability to allow hard links to files you don't own which are in your group, and the ability to follow links & pipes in +t directories if they are not world-writable. This is useful for getting various daemons to run chrooted as a non-root user, and some secure drop- directory stuff.

Information regarding a simple mitigation to disable 32bit binaries in Linux.

Gentoo Linux Security Advisory 202004-14 - Multiple vulnerabilities have been found in FontForge, the worst of which could result in the arbitrary execution of code. Versions less than 20200314 are affected.

Gentoo Linux Security Advisory 202004-15 - Multiple vulnerabilities have been found in libu2f-host, the worst of which could result in the execution of code. Versions less than 1.1.10 are affected.

Gentoo Linux Security Advisory 202004-16 - Multiple vulnerabilities have been found in Cacti, the worst of which could result in the arbitrary execution of code. Versions less than 1.2.11 are affected.

Gentoo Linux Security Advisory 202004-17 - Multiple vulnerabilities have been found in Django, the worst of which could result in privilege escalation. Versions less than 2.2.11 are affected.

Gentoo Linux Security Advisory 202003-6 - Multiple vulnerabilities have been found in Ruby, the worst of which could lead to the remote execution of arbitrary code. Versions less than 2.4.9:2.4 are affected.

Gentoo Linux Security Advisory 202003-9 - A vulnerability in OpenID library for Ruby at worst might allow an attacker to bypass authentication. Versions less than 2.9.2 are affected.

Mandriva Linux Security Advisory 2012-081 - Security issues were identified and fixed in mozilla firefox. Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Using the Address Sanitizer tool, security researcher Aki Helin from OUSPG found that IDBKeyRange of indexedDB remains in the XPConnect hashtable instead of being unlinked before being destroyed. Security research firm iDefense reported that researcher wushi of team509 discovered a memory corruption on Windows Vista and Windows 7 systems with hardware acceleration disabled or using incompatible video drivers. Various other issues have also been addressed.

Gentoo Linux Security Advisory 202004-6 - A regression in GnuTLS breaks the security guarantees of the DTLS protocol. Versions less than 3.6.13 are affected.

114 bytes small Linux/x86 bind shell generator shellcode.

Gentoo Linux Security Advisory 202003-57 - Multiple vulnerabilities have been found in PHP, the worst of which could result in the execution of arbitrary shell commands. Versions less than 7.4.4 are affected.

80 bytes small Linux/x86 reverse shell generator shellcode with customizable TCP port and IP address.

Mandriva Linux Security Advisory 2015-208 - An issue has been identified in Mandriva Business Server 2's setup package where the /etc/shadow and /etc/gshadow files containing password hashes were created with incorrect permissions, making them world-readable. This update fixes this issue by enforcing that those files are owned by the root user and shadow group, and are only readable by those two entities. Note that this issue only affected new Mandriva Business Server 2 installations. Systems that were updated from previous Mandriva versions were not affected. This update was already issued as MDVSA-2015:184, but the latter was withdrawn as it generated.rpmnew files for critical configuration files, and rpmdrake might propose the user to use those basically empty files, thus leading to loss of passwords or partition table. This new update ensures that such.rpmnew files are not kept after the update.

Mandriva Linux Security Advisory 2015-209 - Update PHP packages address buffer over-read and overflow vulnerabilities. PHP has been updated to version 5.5.24, which fixes these issues and other bugs. Additionally the timezonedb packages has been upgraded to the latest version and the PECL packages which requires so has been rebuilt for php-5.5.24.

Mandriva Linux Security Advisory 2015-210 - A denial of service flaw was found in the way QEMU handled malformed Physical Region Descriptor Table data sent to the host's IDE and/or AHCI controller emulation. A privileged guest user could use this flaw to crash the system. It was found that the QEMU's websocket frame decoder processed incoming frames without limiting resources used to process the header and the payload. An attacker able to access a guest's VNC console could use this flaw to trigger a denial of service on the host by exhausting all available memory and CPU.

Mandriva Linux Security Advisory 2015-211 - glusterfs was vulnerable to a fragment header infinite loop denial of service attack. Also, the glusterfsd SysV init script was failing to properly start the service. This was fixed by replacing it with systemd unit files for the service that work properly.

Mandriva Linux Security Advisory 2015-212 - An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to raise an exception, possibly causing an application using JSSE to exit unexpectedly. A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. It was found that the RSA implementation in the JCE component in OpenJDK did not follow recommended practices for implementing RSA signatures.