I’m Hyunwoo Kim (@v4bel), an independent vulnerability researcher.

Awards
  • Pwnie Awards 2025 Best Privilege Escalation category Winner (CVE-2024-50264)
  • Pwn2Own Berlin 2025 Red Hat Linux in the LPE category Winner (Theori, $15,000)
  • Google kernelCTF LTS-6.6.75/COS-105 1-day Winner (CVE-2025-21756, $71,337)
  • Google kernelCTF LTS-6.6.56/COS-109 0-day Winner (CVE-2024-50264, $81,337)
  • Google kernelCTF LTS-6.6.35 0-day Winner (CVE-2024-41010, $51,337)
Vulnerability Reports
  • CVE-2026-23239 (Linux Kernel ESP-in-TCP Use-After-Free)
  • CVE-2026-23240 (Linux Kernel kTLS Use-After-Free)
  • CVE-2025-38087 (Linux Kernel Traffic Control TAPRIO Use-After-Free)
  • CVE-2024-50264 (Linux Kernel Virtual Socket Use-After-Free)
  • CVE-2024-27394 (Linux Kernel TCP Use-After-Free)
  • CVE-2024-27395 (Linux Kernel OpenvSwitch Use-After-Free)
  • CVE-2024-27396 (Linux Kernel GTP Use-After-Free)
  • CVE-2023-51779 (Linux Kernel Bluetooth Socket Use-After-Free)
  • CVE-2023-51780 (Linux Kernel ATM Socket Use-After-Free)
  • CVE-2023-51781 (Linux Kernel Appletalk Socket Use-After-Free)
  • CVE-2023-51782 (Linux Kernel Rose Socket Use-After-Free)
  • CVE-2023-32269 (Linux Kernel NET/ROM Socket Use-After-Free)
  • CVE-2022-41218 (Linux Kernel DVB Core Use-After-Free)
  • CVE-2022-45884 (Linux Kernel DVB Core Use-After-Free)
  • CVE-2022-45885 (Linux Kernel DVB Core Use-After-Free)
  • CVE-2022-45886 (Linux Kernel DVB Core Use-After-Free)
  • CVE-2022-45919 (Linux Kernel DVB Core Use-After-Free)
Conference Talks
  • Race Condition Symphony: From Tiny Idea to PwniePOC Conference, Seoul, 2025