+- Dark C0d3rs (https://darkcoders.wiki)
+-- Forum: Exploit Log (https://darkcoders.wiki/Forum-Exploit-Log)
+--- Forum: Research Papers/Vulnerability reports (https://darkcoders.wiki/Forum-Research-Papers-Vulnerability-reports)
+--- Thread: HackerOne Disclosed Reports - 2026-04-30 (/Thread-HackerOne-Disclosed-Reports-2026-04-30)
HackerOne disclosed reports - 2026-04-30 - hashXploiter - 05-01-2026
High
resolved
resolved
Double fdrop on a socket through sys_netcontrol
Bug reported by SlidyBat was disclosed at May 1, 2026, 1:41 am | Double Free
The netcontrol syscall in the kernel had a vulnerability where the socket file descriptor was not properly validated when removing a socket from a netevent structure. This allowed an attacker to cause a double fdrop on a socket, potentially leading to a use-after-free condition.