EIP-2026-102953

PRE-CVE

PonyOS 0.4.99-mlp - Multiple Vulnerabilities

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102953. PoCs published by John Cartwright.

AI-analyzed exploit summary This advisory details multiple vulnerabilities in PonyOS 0.4.99-mlp, including a userland privilege escalation via 'cat' binary replacement and kernel memory read/write via ioctl abuse. No functional exploit code is provided, only descriptions and conceptual proof-of-concept steps.

Description

PonyOS 0.4.99-mlp - Multiple Vulnerabilities

Exploits (1)

exploitdb WRITEUP
by John Cartwright · textlocallinux
https://www.exploit-db.com/exploits/24933

This advisory details multiple vulnerabilities in PonyOS 0.4.99-mlp, including a userland privilege escalation via 'cat' binary replacement and kernel memory read/write via ioctl abuse. No functional exploit code is provided, only descriptions and conceptual proof-of-concept steps.

Classification
Writeup 100%
Attack Type
Lpe
Complexity
Moderate
Reliability
Theoretical
Target: PonyOS 0.4.99-mlp
Auth required
Prerequisites: Local access to PonyOS · Ability to replace system binaries · Knowledge of kernel memory layout
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026