0xAtharv

CVE-2025-40019 NOMISEC WORKING POC

Linux Kernel - Crypto Vuln

In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption Move the ssize check to the start in essiv_aead_crypt so that it's also checked for decryption and in-place encryption.

View Code

CVE-2023-20938 NOMISEC HIGH WORKING POC

Google Android - Use After Free

In binder_transaction_buffer_release of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-257685302References: Upstream kernel

CVSS 7.8

View Code