Add kernelCTF CVE-2026-43499_lts_cos #402
Hi, we’ve achieved a 10/10 success rate in reproducing the exploit on LTS-6.12.80. However, the vulnerability verification seems to have failed due to CI issues beyond our control. Please let us know if there is anything else we need to do. Thanks!

Hey! It seems that the CI issue was only a one-off error, I've run the
The run: https://github.com/google/security-research/actions/runs/28435044372/job/84258832987
I can see from the logs that the patched kernel version is not affected (exploit exits cleanly), but on the non-patched version the kernel got into a soft lockup:
I see from the stack trace (esp.

Oh and we need an email confirmation before sending the reward, please check your email address(es) and your Bughunters' submission.

Hi KT, we should have confirmed the verification email.
We believe this is because the UAF (dangling pointer) occurs on the stack, so the current KASAN implementation, or other detection mechanisms such as PAC or MTE, cannot detect this stack UAF. KASAN may have been able to detect this before torvalds/linux@7771bdb