EXCEEDS logo
Exceeds
liona24

PROFILE

Liona24

Lion Ackermann contributed to the google/security-research repository by developing and documenting mitigations for multiple Linux kernel vulnerabilities, focusing on privilege escalation risks in subsystems such as nftables, ipset, and traffic control. Over three months, Lion engineered and disclosed exploit demonstrations for CVEs including CVE-2024-27397, CVE-2024-39503, CVE-2024-53141, and CVE-2025-21700, providing detailed vulnerability analyses and mitigation strategies. Using C and Assembly, Lion applied skills in kernel exploitation, heap spraying, and reverse engineering to produce proof-of-concept code, technical documentation, and reproducible research, enabling security teams to validate fixes and prioritize patching based on real-world exploitability and risk.

Overall Statistics

Feature vs Bugs

0%Features

Repository Contributions

5Total
Bugs
4
Commits
5
Features
0
Lines of code
21,292
Activity Months3

Your Network

22 people

Shared Repositories

22
akrasuski1Member
Artem MetlaMember
pumpkinMember
chanijindal1Member
Chani JindalMember
eduardo velaMember
GerrardMember
0x48Member
Juan Jose Lopez JaimezMember

Work History

October 2025

2 Commits

Oct 1, 2025

Month 2025-10: Security research and disclosure work focused on Linux traffic control vulnerabilities in google/security-research. Delivered disclosures and exploit demonstrations for two Linux kernel tc vulnerabilities (CVE-2024-53164 and CVE-2025-21700), illustrating potential privilege-escalation risks in CHOKe and qdisc structures. Documented mitigations and recommended patching strategies to support faster remediation. Contributed kernelCTF-based disclosures with two commits to improve reproducibility and awareness. This work strengthens the security posture of Linux networking components and informs risk-based prioritization for patching.

September 2025

1 Commits

Sep 1, 2025

September 2025 (2025-09) monthly summary for google/security-research: Focused on risk discovery, mitigation, and documentation for CVE-2024-53141 in the bitmap:ip (ipset) subsystem. Delivered a mitigation patch and accompanying exploit demonstration docs to reduce exposure and guide downstream consumers.

January 2025

2 Commits

Jan 1, 2025

January 2025 monthly work summary for google/security-research focused on security research and kernel hardening. Key features delivered include two security mitigations for Linux kernel CVEs implemented in kernelCTF: - CVE-2024-27397 (Nftables UAF) mitigation added (commit 724373963e4f951abd0605f240f6d40a75564275). - CVE-2024-39503 (IP_SET race condition) mitigation added (commit d72e002fe83480b9133ae9b5ff023af0367cf233). Each mitigation is accompanied by vulnerability explanations, mitigation bypass discussions, and payload construction details, along with documentation and PoC code.

Activity

Loading activity data...

Quality Metrics

Correctness88.0%
Maintainability80.0%
Architecture88.0%
Performance80.0%
AI Usage20.0%

Skills & Technologies

Programming Languages

AssemblyCMakefile

Technical Skills

C ProgrammingExploit DevelopmentHeap SprayingIP SetsKASLR BypassKernel DebuggingKernel ExploitationLinux Kernel ExploitationLinux Kernel InternalsNFTablesNetfilterNetlinkPrivilege EscalationROP ChainsRace Conditions

Repositories Contributed To

1 repo

Overview of all repositories you've contributed to across your timeline

google/security-research

Jan 2025 Oct 2025
3 Months active

Languages Used

AssemblyCMakefile

Technical Skills

C ProgrammingHeap SprayingIP SetsKASLR BypassKernel DebuggingLinux Kernel Exploitation

Generated by Exceeds AIThis report is designed for sharing and indexing