Technical security research and writeups

Vulnerability Research

  • Analyzing a Modern Linux Kernel Vulnerability (CVE-2023-0266)

    Deep dive into CVE-2023-0266, a race condition vulnerability in the Linux kernel sound subsystem that was exploited in-the-wild against Android devices. Exploring the technical details of how 32-bit/64-bit compatibility layers introduced a use-after-free condition.

    read more →
  • Local Privilege Escalation Vulnerability in Ant Media Server (CVE-2024-32656)

    Disclosure of a local privilege escalation vulnerability in Ant Media Server arising from an unauthenticated JMX remote management interface accessible to unprivileged local users, enabling code execution as root.

    read more →