❌

Normal view

Drift Corpus: binary diffs of 240+ 2026 Windows kernel patches

Patch Tuesday confirms a CVE is fixed but not what changed in the binary, which function, which check, or whether it's a real fix or just churn.

The Drift Corpus is a diff of 240+ 2026 Windows kernel patches. Per entry: the changed functions with assembly, the bug class and call chain, WinDbg breakpoints to reproduce, and a plain-English root cause.

This repository breaks down Microsoft’s monthly kernel patches into clear binary changes, giving researchers a practical roadmap to find adjacent bugs, build faster EDR detections, and write precise firewall and network rules to block exploits at the perimeter.

submitted by /u/Emergency_Stable_923
[link] [comments]

OpenBSD MPLS kernel stack leaks remotely (CVE-2026-56099)

A crafted MPLS packet can trigger an out-of-bounds read in mpls_do_error, leaking 4 bytes of adjacent kernel stack memory back in an ICMP/MPLS error response.

It requires MPLS enabled, but the leak is remote and repeatable. Fixed in OpenBSD-current on 2026-06-18.

submitted by /u/Emergency_Stable_923
[link] [comments]

27 Years in the Dark: OpenBSD Fixes Ancient Remote Kernel Auth Bypass

Absolutely wild find by Argus-Systems. A remote authentication bypass hiding in OpenBSD's kernel PPP stack since it was imported from FreeBSD in July 1999.
An attacker could essentially bypass authentication via a null-auth flaw and intercept/read PPPoE traffic without credentials. It survived every single release for nearly three decades until the patch.
OpenBSD already released a patch.

submitted by /u/Emergency_Stable_923
[link] [comments]
❌