{"uuid": "33d8ac98-ed8a-42e5-804f-ffd198681dea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "published-proof-of-concept", "source": "https://t.me/linkersec/321", "content": "Exploiting the CVE-2025-21756 1-day vulnerability\n\nHyunwoo Kim and Wongi Lee posted a kernelCTF report about exploiting a UAF in the vsock subsystem of the Linux kernel.\n\nThe researchers leaked the kernel base address using the EntryBleed side-channel attack and then turned the UAF on the vsock_sock structure into a RIP control primitive to execute a ROP-chain.", "creation_timestamp": "2025-06-17T12:21:21.000000Z"}