pi3 blog

bug bugs bughunt exploit exploiting research vulnerabilities

• Home
• About

“He who fights with monsters should be careful lest he thereby become a monster. And if thou gaze long into an abyss, the abyss will also gaze into thee.”

~Friedrich Nietzsche

• Subscribe

  

• Categories

  • Bughunt (28)
  • Exploiting (36)
  • Ideas (28)
  • LKRG (10)
  • Meeting (6)
  • O wszystkim i o niczym (34)

• Recent Posts

  • RISC-V: Vice Chair of the J-extension Task Group
  • CVE-2023-34367
  • Bug bounties are broken – the story of “i915” bug, ChromeOS + Intel bounty programs, and beyond
  • My talks @ BlackHat 2021 and DefCon29
  • LKRG 0.9.0 has been released!

• Archives

  • November 2023
  • June 2023
  • May 2023
  • July 2021
  • April 2021
  • January 2021
  • December 2020
  • October 2020
  • September 2020
  • June 2020
  • May 2020
  • March 2020
  • October 2019
  • July 2019
  • May 2019
  • April 2019
  • February 2019
  • August 2018
  • July 2018
  • March 2018
  • February 2018
  • January 2018
  • April 2017
  • September 2016
  • July 2015
  • February 2015
  • March 2014
  • August 2013
  • July 2013
  • May 2013
  • April 2013
  • March 2013
  • February 2013
  • October 2012
  • May 2012
  • April 2012
  • December 2011
  • September 2011
  • August 2011
  • July 2011
  • March 2011
  • November 2010
  • October 2010
  • July 2010
  • May 2010
  • March 2010
  • February 2010
  • January 2010
  • December 2009
  • November 2009
  • October 2009
  • September 2009

• Friends

  • Bothunters – Borys Łącki
  • Gynvael Coldwind
  • Icewall
  • j00ru
  • Piotr Bania

• Pages

  • About

The short story of 1 Linux Kernel Use-After-Free bug and 2 CVEs (CVE-2020-14356 and CVE-2020-25220)

Name:     Linux kernel Cgroup BPF Use-After-Free
Author:   Adam Zabrocki (pi3@pi3.com.pl)
Date:       May 27, 2020

Read more