Skip to content

Commit f7a0233

Browse files
authored
Merge pull request #73 from oracle-samples/analysis-week-2-2026
CVE analysis - Week 2
2 parents 19baf16 + cd2af34 commit f7a0233

2 files changed

Lines changed: 20 additions & 0 deletions

File tree

vulns/CVE-2025-40248.yml

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,10 @@
1+
reachability: Local
2+
memory_corruption: true
3+
bug_class: UaF
4+
impact: DoS, LPE
5+
privileges_required: false
6+
notes: |2-
7+
Use after free in net/vmw_vsock leading to DoS, privilege escalation and
8+
arbitrary kernel code execution
9+
author: Oracle Corporation
10+
version: v0.1

vulns/CVE-2025-40280.yml

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,10 @@
1+
reachability: Local
2+
memory_corruption: true
3+
bug_class: UaF
4+
impact: DoS, LPE, VM-escape
5+
privileges_required: false
6+
notes: |2-
7+
Use after free in net/tipc leading to DoS, privilege escalation and
8+
VM-escape. Can be triggered by unprivileged user through namespaces
9+
author: Oracle Corporation
10+
version: v0.1

0 commit comments

Comments
 (0)