CVE
🔥 CVE-2025-37899 is a critical use-after-free flaw in the Linux kernel’s ksmbd module, triggered by a race condition between session setup and teardown. It allows remote, unauthenticated attackers to crash the system or potentially execute code. Rated 9.8 CVSS, it highlights the growing role of AI in uncovering deep kernel-level threats.
In this writeup, I’ll walk you through a fun and realistic CTF challenge from Intigriti’s Hackdonalds, where I discovered and chained two vulnerabilities:
🔍 Dive into a deep technical breakdown of CVE-2025-1137, a high-severity command injection flaw in IBM Storage Scale. This blog explores reverse engineering insights, real-world exploitation, PoCs, and detection strategies tailored for red teamers and defenders.