Project Zero Bot (unofficial)

Project Zero Bot

New Project Zero issue:

Linux >=4.12: USB CDC-ACM: missing size check in acm_ctrl_irq() leads to OOB write

https://project-zero.issues.chromium.org/issues/395107243

CVE-2025-21704

Project Zero Bot

New Project Zero issue:

msm_npu: Race between npu_host_unload_network and npu_host_exec_network_v2 leads to memory corruption

https://project-zero.issues.chromium.org/issues/380081941

CVE-2025-21424

Project Zero Bot

New Project Zero issue:

libxslt: use-after-free in xsltParseStylesheetProcess

https://project-zero.issues.chromium.org/issues/382015274

CVE-2024-55549

Project Zero Bot

New Project Zero issue:

Linux 6.4: UAF race between mbind() and VMA-locked page fault

https://project-zero.issues.chromium.org/issues/42451620

CVE-2023-4611

Project Zero Bot

New Project Zero issue:

Firefox: use-after-free in txMozillaXSLTProcessor

https://project-zero.issues.chromium.org/issues/383558273

CVE-2025-1009

Project Zero Bot

New Project Zero issue:

Android: SPF in AOSP 5.10/5.15 kernels can create dangling TLB entries by misdirecting TLB flushes on race with mremap() [and other miscellaneous issues in SPF]

https://project-zero.issues.chromium.org/issues/377569381

CVE-2025-0088

Project Zero Bot

New Project Zero issue:

cvp: Incorrect bailout unwinding leads to UAF dangling list entry

https://project-zero.issues.chromium.org/issues/389724938

CVE-2024-38411

Project Zero Bot

New Project Zero issue:

Linux: io_uring: UAF of io_ev_fd; io_eventfd_do_signal() frees on refcount drop without RCU delay

https://project-zero.issues.chromium.org/issues/388499293

CVE-2025-21655

Project Zero Bot

New Project Zero issue:

MacOS Sandbox Escape via Type Confusion in coreaudiod/CoreAudio Framework

https://project-zero.issues.chromium.org/issues/372511888

CVE-2024-54529

Project Zero Bot

New Project Zero issue:

WebKit: use-after-free in DocumentFontLoader::fontLoadingTimerFired

https://project-zero.issues.chromium.org/issues/374377963

CVE-2024-54502

Project Zero Bot

New Project Zero issue:

inotify_rm_watch() race with umount() can lead to superblock-related UAF

https://project-zero.issues.chromium.org/issues/379667898

CVE-2024-53143

Project Zero Bot

New Project Zero issue:

Samsung S24: Out of bounds write in APE Decoder

https://project-zero.issues.chromium.org/issues/368695689

CVE-2024-49415

Project Zero Bot

New Project Zero issue:

Windows Kernel False File Immutability attack on registry hives via the Cloud Filter API

https://project-zero.issues.chromium.org/issues/42451734

CVE-2024-49114

Project Zero Bot

New Project Zero issue:

Linux >=5.10: wrong order of operations on close_and_free_vma error path causes temporary dangling PTE

https://project-zero.issues.chromium.org/issues/374117290

CVE-2024-53096

Project Zero Bot

New Project Zero issue:

Linux: Panthor: racy panthor_vm_pool_get_vm() leads to UAF

https://project-zero.issues.chromium.org/issues/377500597

CVE-2024-53080

Project Zero Bot

New Project Zero issue:

Linux >=v6.8-rc1: VMA UAF when nascent MM is accessed through forked userfaultfd or khugepaged after aborted fork

https://project-zero.issues.chromium.org/issues/373391951

CVE-2024-50263, CVE-2024-50220

Project Zero Bot

New Project Zero issue:

Windows Kernel registry security descriptor refcount may overflow when referenced by too many transacted operations

https://project-zero.issues.chromium.org/issues/42451732

CVE-2024-43641

Project Zero Bot

New Project Zero issue:

Windows Kernel passes user-mode pointers to registry callbacks, leading to race conditions and memory corruption

https://project-zero.issues.chromium.org/issues/42451607

CVE-2023-38141

Project Zero Bot

New Project Zero issue:

Windows Kernel double-fetch in the loading of remote registry hives, leading to memory corruption

https://project-zero.issues.chromium.org/issues/42451731

CVE-2024-43452

Project Zero Bot

New Project Zero issue:

PowerVR: PVRSRVAcquireProcessHandleBase() can cause psProcessHandleBase reuse when PIDs are reused

https://project-zero.issues.chromium.org/issues/42451726

CVE-2024-43704