home.social

#privilege-escalation — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #privilege-escalation, aggregated by home.social.

fetched live
  1. Oh, joy! 😒 A riveting tale of OpenBSD's latest "oopsie-daisy" moment, where users can magically escalate privileges—because who doesn't love a good #security blunder? Meanwhile, the article itself is a masterpiece of accessibility: blocked by Cloudflare like a bouncer at a club for nerds. 🕵️‍♂️🔒
    nvd.nist.gov/vuln/detail/cve-2 #OpenBSD #Blunder #Accessibility #Issues #HackerNews #PrivilegeEscalation #HackerNews #ngated

  2. Oh, joy! 😒 A riveting tale of OpenBSD's latest "oopsie-daisy" moment, where users can magically escalate privileges—because who doesn't love a good #security blunder? Meanwhile, the article itself is a masterpiece of accessibility: blocked by Cloudflare like a bouncer at a club for nerds. 🕵️‍♂️🔒
    nvd.nist.gov/vuln/detail/cve-2 #OpenBSD #Blunder #Accessibility #Issues #HackerNews #PrivilegeEscalation #HackerNews #ngated

  3. 🛡️🪲 Managerul de pachete GNU Guix a fost lovit de patru vulnerabilități de securitate 🚀💻

    GNU Guix, managerul de pachete tranzacțional și avansat din ecosistemul GNU — apreciat la nivel global pentru abordarea sa puristă în privința libertății software, configurarea declarativă și reproductibilitatea absolută a build-urilor — se confruntă cu o provocare serioasă de securitate. Comunitatea de dezvoltatori a confirmat oficial descoperirea a patru vulnerabilități în logica sa de funcționare, forțând emiterea unor patch-uri de urgență.

    Deoarece GNU Guix folosește un demon de fundal cu privilegii ridicate (guix-daemon) pentru a compila și izola pachetele destinate utilizatorilor, aceste breșe reprezintă un risc considerabil pentru integritatea sistemelor afectate.

    Iată detaliile principale despre problemele identificate:

    🔹 Breșe la nivelul privilegiilor și izolării (Sandbox Escape):
    Vulnerabilitățile identificate vizează în mod special mecanismul de sandbox (mediul izolat) pe care Guix îl folosește în timpul compilării pachetelor din surse.

    Riscul: Anumite erori logice în gestionarea permisiunilor și a directoarelor temporare de build puteau permite unui pachet malițios să „evadeze” din containerul său izolat. Odată evadat, codul atacatorului ar fi putut interfața cu fișierele critice ale sistemului gazdă sau ar fi putut obține o escaladare neautorizată a privilegiilor până la nivelul de root.

    🔹 Manipularea reproducerii pachetelor (Build Poisoning):
    Una dintre cele mai mari calități ale GNU Guix este reproductibilitatea (același cod sursă generează bit cu bit același binar). Breșele raportate introduceau un risc de „otrăvire” a procesului de build local, permițând unui utilizator local neautorizat sau unui script malițios să modifice rezultatul compilării altor pachete de pe mașină, alterând binarul final fără ca administratorul să observe imediat.

    🔹 Remedierea și corecturile aplicate:
    Echipa GNU Guix a reacționat cu promptitudine imediat ce detaliile tehnice au fost verificate. A fost lansată o actualizare care modifică modul în care guix-daemon gestionează variabilele de mediu, legăturile simbolice (symlinks) și montarea directoarelor în sandbox, închizând complet portițele de evadare folosite în scenariile de atac testate.

    ⚠️ Acțiune obligatorie pentru utilizatori: Dacă rulezi GNU Guix ca manager de pachete independent pe o altă distribuție sau dacă folosești sistemul de operare complet Guix System, este critic să îți actualizezi demonul de sistem imediat.

    Pentru a securiza mașina, utilizatorii trebuie să ruleze comanda de actualizare a profilelor și, extrem de important, să repornească serviciul de fundal:

    Bash
    guix pull
    sudo systemctl restart guix-daemon
    Prin această intervenție rapidă, comunitatea demonstrează din nou că transparența totală a codului open-source și auditurile de securitate riguroase sunt cele mai bune mecanisme de protecție împotriva defectelor inevitabile de programare.

    #GNUGuix #GuixSystem #GNULinux #Cybersecurity #PackageManager #SandboxEscape #PrivilegeEscalation #OpenSource #TechNews

  4. 🛡️🪲 Managerul de pachete GNU Guix a fost lovit de patru vulnerabilități de securitate 🚀💻

    GNU Guix, managerul de pachete tranzacțional și avansat din ecosistemul GNU — apreciat la nivel global pentru abordarea sa puristă în privința libertății software, configurarea declarativă și reproductibilitatea absolută a build-urilor — se confruntă cu o provocare serioasă de securitate. Comunitatea de dezvoltatori a confirmat oficial descoperirea a patru vulnerabilități în logica sa de funcționare, forțând emiterea unor patch-uri de urgență.

    Deoarece GNU Guix folosește un demon de fundal cu privilegii ridicate (guix-daemon) pentru a compila și izola pachetele destinate utilizatorilor, aceste breșe reprezintă un risc considerabil pentru integritatea sistemelor afectate.

    Iată detaliile principale despre problemele identificate:

    🔹 Breșe la nivelul privilegiilor și izolării (Sandbox Escape):
    Vulnerabilitățile identificate vizează în mod special mecanismul de sandbox (mediul izolat) pe care Guix îl folosește în timpul compilării pachetelor din surse.

    Riscul: Anumite erori logice în gestionarea permisiunilor și a directoarelor temporare de build puteau permite unui pachet malițios să „evadeze” din containerul său izolat. Odată evadat, codul atacatorului ar fi putut interfața cu fișierele critice ale sistemului gazdă sau ar fi putut obține o escaladare neautorizată a privilegiilor până la nivelul de root.

    🔹 Manipularea reproducerii pachetelor (Build Poisoning):
    Una dintre cele mai mari calități ale GNU Guix este reproductibilitatea (același cod sursă generează bit cu bit același binar). Breșele raportate introduceau un risc de „otrăvire” a procesului de build local, permițând unui utilizator local neautorizat sau unui script malițios să modifice rezultatul compilării altor pachete de pe mașină, alterând binarul final fără ca administratorul să observe imediat.

    🔹 Remedierea și corecturile aplicate:
    Echipa GNU Guix a reacționat cu promptitudine imediat ce detaliile tehnice au fost verificate. A fost lansată o actualizare care modifică modul în care guix-daemon gestionează variabilele de mediu, legăturile simbolice (symlinks) și montarea directoarelor în sandbox, închizând complet portițele de evadare folosite în scenariile de atac testate.

    ⚠️ Acțiune obligatorie pentru utilizatori: Dacă rulezi GNU Guix ca manager de pachete independent pe o altă distribuție sau dacă folosești sistemul de operare complet Guix System, este critic să îți actualizezi demonul de sistem imediat.

    Pentru a securiza mașina, utilizatorii trebuie să ruleze comanda de actualizare a profilelor și, extrem de important, să repornească serviciul de fundal:

    Bash
    guix pull
    sudo systemctl restart guix-daemon
    Prin această intervenție rapidă, comunitatea demonstrează din nou că transparența totală a codului open-source și auditurile de securitate riguroase sunt cele mai bune mecanisme de protecție împotriva defectelor inevitabile de programare.

    #GNUGuix #GuixSystem #GNULinux #Cybersecurity #PackageManager #SandboxEscape #PrivilegeEscalation #OpenSource #TechNews

  5. HIGH severity: CVE-2026-8797 impacts NEC ExpressUpdate Agent for Windows. Exposed IOCTL enables local privilege escalation to SYSTEM. No patch yet — restrict local access, monitor activity. Details: radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #Windows #PrivilegeEscalation

  6. CVE-2026-12781 (HIGH, CVSS 8.5) found in EaseUS Partition Master 14.0 – 14.5: improper access controls in kernel driver epmntdrv.sys enable local privilege escalation. Upgrade to latest version ASAP. radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #PrivilegeEscalation #CyberSecurity

  7. #Linux got bitten by crypto-related page cache vulnerabilities in recent weeks. They had rather boring names: #CopyFail #DirtyFrag #Fragnesia

    The #FreeBSD community is fixing this by naming their own bug of this class #BUMSRAKETE.

    (Now, if you ran the name through a translator and are questioning its legitimacy: It's as real as the person that inspired the bug report's style, unfortunately.)

    bumsrake.de/

    #PrivilegeEscalation #security #vulnerability

  8. #Linux got bitten by crypto-related page cache vulnerabilities in recent weeks. They had rather boring names: #CopyFail #DirtyFrag #Fragnesia

    The #FreeBSD community is fixing this by naming their own bug of this class #BUMSRAKETE.

    (Now, if you ran the name through a translator and are questioning its legitimacy: It's as real as the person that inspired the bug report's style, unfortunately.)

    bumsrake.de/

    #PrivilegeEscalation #security #vulnerability

  9. Google Patches Actively Exploited Android Flaw Amid June Update

    Google just dropped a crucial security update for Android, fixing 124 vulnerabilities, including a high-severity flaw that's being actively exploited - don't wait, patch up your device now! This critical fix tackles a privilege escalation bug that can be triggered without any user interaction, putting your data at risk.

    osintsights.com/google-patches

    #AndroidSecurity #Cve202548595 #Google #EmergingThreats #PrivilegeEscalation

  10. WP Maps Pro Flaw Exploited to Create Admin Accounts

    A critical vulnerability in the popular WP Maps Pro plugin, used by over 15,000 WordPress sites, has been exploited to create admin accounts, putting countless websites at risk of complete takeover. This high-severity flaw, tracked as CVE-2026-8732, allows attackers to escalate privileges and gain unrestricted access.

    osintsights.com/wp-maps-pro-fl

    #Wordpress #WpMapsPro #Cve20268732 #PrivilegeEscalation #PluginVulnerability

  11. Microsoft Decries Uncoordinated Zero-Day Disclosures

    Microsoft slammed researchers who publicly revealed six zero-day vulnerabilities without giving the company a heads-up, putting customers at unnecessary risk. The tech giant named and shamed the flaws, including privilege escalation vulnerabilities in Microsoft Defender and a security feature bypass vulnerability in Windows…

    osintsights.com/microsoft-decr

    #ZeroDay #VulnerabilityDisclosures #Microsoft #ResponsibleDisclosure #PrivilegeEscalation

  12. 🛡️ CVE-2026-9789 (HIGH, CVSS 8.5): Acer NitroSense V3 (≤3.01.3001) local users can delete arbitrary files via PSAdminAgent's weak pipe ACL. No patch yet — restrict access, monitor activity. More: radar.offseq.com/threat/cve-20 #OffSeq #Vuln #Acer #PrivilegeEscalation

  13. CISA Mandates Emergency Patch for Exploited cPanel Plugin Flaw

    A critical vulnerability in the LiteSpeed cPanel plugin, known as CVE-2026-48172, is being actively exploited by remote attackers, allowing them to execute arbitrary scripts with root privileges. CISA has issued an emergency patch, giving affected users just four days to update and protect themselves.

    osintsights.com/cisa-mandates-

    #CpanelPluginFlaw #Cve202648172 #Litespeed #PrivilegeEscalation #VulnerabilityExploitation

  14. MSSQL users – beware of RBCD: attackers can use Remote Blob Storage to lift privileges from a limited DB account to the host level.
    Key insight: the technique abuses SQL Server’s blob‑store to run code on the OS.
    - Improves threat surface for lateral movement
    - Requires only DB‑level access

    Stay vigilant, audit async blob usage, and restrict grant tiers.

    #MSSQL #RBCD #PrivilegeEscalation #CyberSecurity #PrivacyFirst

    🔗 cnblogs.com/nice0e3/p/17041293

  15. 🚨 CRITICAL: CVE-2026-5118 in Divi Form Builder (≤5.1.2) lets unauth'd users gain admin privileges via unvalidated 'role' parameter. Disable registration & monitor for patches! radar.offseq.com/threat/cve-20 #OffSeq #WordPress #PrivilegeEscalation #Vuln

  16. 🚀🔐 Oh joy, yet another thrilling tale of privilege escalation in the #FreeBSD 14.x kernel! Apparently, four bytes and a bit of oversight is all it takes to achieve root status because... who needs #security, right? 🤦‍♂️ Expect the usual #GitHub proof-of-concept, because nothing screams "fix me" like a public exploit! 🐑💥
    fatgid.io/ #privilegeEscalation #vulnerability #kernel #exploit #HackerNews #ngated

  17. 🚀🔐 Oh joy, yet another thrilling tale of privilege escalation in the #FreeBSD 14.x kernel! Apparently, four bytes and a bit of oversight is all it takes to achieve root status because... who needs #security, right? 🤦‍♂️ Expect the usual #GitHub proof-of-concept, because nothing screams "fix me" like a public exploit! 🐑💥
    fatgid.io/ #privilegeEscalation #vulnerability #kernel #exploit #HackerNews #ngated

  18. Patch immediately before public exploits emerge.

    drupal.org/sa-core-2026-004

    Affected:

    - 8.9.0 , < 10.4.10
    - 10.5.0 , < 10.5.10
    - 10.6.0 , < 10.6.9
    - 11.0.0 , < 11.1.10
    - 11.2.0 , < 11.2.12
    - 11.3.0 , < 11.3.10

    CVE-2026-9082 - Highly critical - SQL Injection
    CVE-2026-8495 - Missing Authorization
    CVE-2026-8493 - XSS
    CVE-2026-8492
    CVE-2026-8491

    #Drupal #PHP #CyberSecurity #Infosec #CVE #WebSecurity #PostgreSQL #SqlInjection #PrivilegeEscalation #XSS

  19. Patch immediately before public exploits emerge.

    drupal.org/sa-core-2026-004

    Affected:

    - 8.9.0 , < 10.4.10
    - 10.5.0 , < 10.5.10
    - 10.6.0 , < 10.6.9
    - 11.0.0 , < 11.1.10
    - 11.2.0 , < 11.2.12
    - 11.3.0 , < 11.3.10

    CVE-2026-9082 - Highly critical - SQL Injection
    CVE-2026-8495 - Missing Authorization
    CVE-2026-8493 - XSS
    CVE-2026-8492
    CVE-2026-8491

    #Drupal #PHP #CyberSecurity #Infosec #CVE #WebSecurity #PostgreSQL #SqlInjection #PrivilegeEscalation #XSS

  20. Zero-Day Exploit Escalates Privileges on Patched Windows Systems

    A security researcher has uncovered a zero-day exploit, dubbed MiniPlasma, that can escalate privileges to LOCAL SYSTEM on fully patched Windows systems by targeting a vulnerability in the Windows Cloud Files Mini Filter Driver. This shocking flaw has left experts wondering if Microsoft simply missed the issue or if a patch was quietly…

    osintsights.com/zero-day-explo

    #ZeroDay #Windows #PrivilegeEscalation #Vulnerability #Miniplasma

  21. ⚠️ CVE-2026-8719 (HIGH, CVSS 8.8): AI Engine for WordPress v3.4.9 lets any OAuth token holder with Subscriber+ escalate to admin via MCP tools. Restrict OAuth, monitor for fixes. radar.offseq.com/threat/cve-20 #OffSeq #WordPress #Vuln #PrivilegeEscalation

  22. Microsoft Disputes Azure Vulnerability Report, Silent Patch Issued

    Security researcher Justin O'Leary claims a critical flaw in Azure Backup for AKS could let users with zero Kubernetes permissions gain full cluster administration, but Microsoft disputes the finding. The tech giant quietly issued a patch without acknowledging the vulnerability.

    osintsights.com/microsoft-disp

    #AzureVulnerability #CloudSecurity #Kubernetes #PrivilegeEscalation #MicrosoftAzure

  23. OpenClaw Flaws Expose Data, Enable Privilege Escalation

    A chain of four vulnerabilities, dubbed Claw Chain, in OpenClaw can be exploited to turn an agent into a powerful tool for attackers, allowing them to extract sensitive data, escalate privileges, and plant backdoors for long-term access. This flaw chain enables adversaries to gain a foothold, move undetected, and wreak havoc on an…

    osintsights.com/openclaw-flaws

    #PrivilegeEscalation #VulnerabilityChain #Openclaw #ClawChain #Cyera

  24. AI znalazło lukę w macOS – dlaczego Mac nigdy nie będzie tak bezpieczny jak iOS?

    Firma Anthropic i badacze z firmy Calif użyli modelu AI Claude Mythos, żeby znaleźć nową lukę w macOS. Przy okazji Jason Snell z Six Colors tłumaczy, jak Apple od lat zaciska ochronę Maca, nie rezygnując z jego otwartości.

    AI znalazło lukę, zanim zrobili to złoczyńcy

    Jak informuje MacRumors na podstawie „The Wall Street Journal”, badacze z firmy cyberbezpieczeństwa Calif użyli modelu Claude Mythos Preview — najnowszego modelu Anthropic — do odkrycia nowej luki w macOS. Konkretnie: model pomógł napisać kod łączący dwie istniejące podatności systemowe w taki sposób, że powstał z nich exploit klasy privilege escalation, czyli umożliwiający nieuprawnione podwyższenie uprawnień w systemie.

    <p class="font-claude-response-body break-words whitespace-normal leading-1„>Żeby zrozumieć, dlaczego to istotne, trzeba wiedzieć, czym jest Memory Integrity Enforcement (MIE). To opracowany przez Apple sprzętowy system bezpieczeństwa pamięci, zbudowany na bazie specyfikacji Arm Memory Tagging Extension z 2019 roku. W skrócie: każdy blok pamięci otrzymuje tajny znacznik, a hardware weryfikuje, czy każde odwołanie do pamięci zawiera właściwy znacznik. Jeśli nie — aplikacja się zawiesza. Apple rozwijało MIE przez pięć lat i wdrożyło go w iPhone’ach 17 i iPhone Air, a następnie rozszerzyło na MacBooki z M5.

    <p class="font-claude-response-body break-words whitespace-normal leading-1„>Calif obeszło tę ochronę na M5 w pięć dni. Bruce Dang znalazł podatności 25 kwietnia. Dion Blazakis dołączył do zespołu 27 kwietnia. Josh Maine zbudował narzędzia, a 1 maja działający exploit był gotowy. Atak startuje z konta zwykłego użytkownika bez żadnych specjalnych uprawnień, korzysta wyłącznie ze standardowych wywołań systemowych i kończy się uzyskaniem dostępu do powłoki roota — czyli pełnej kontroli nad systemem.

    <p class="font-claude-response-body break-words whitespace-normal leading-1„>Calif zaznacza, że Mythos Preview był kluczowym wsparciem na każdym etapie: szybko zidentyfikował podatności należące do znanych klas błędów, a potem pomagał przez cały proces budowania exploita. Jednocześnie badacze przyznają, że autonomiczne ominięcie MIE wymagało ludzkiej ekspertyzy — AI samo tego nie zrobiłoby. Badacze zastrzegają, że samo AI nie wystarczyłoby — do przeprowadzenia całości konieczna była ich własna ekspercka wiedza. Niemniej przypadek ten potwierdza, że modele językowe mogą skutecznie asystować w znajdowaniu podatności w oprogramowaniu, co jest zarówno dobrą, jak i niepokojącą wiadomością — zależy, kto z tego korzysta.

    Anthropic uruchomiło projekt o nazwie Glasswing, który umożliwia firmom technologicznym, w tym Apple, korzystanie z Claude Mythos Preview do szukania luk bezpieczeństwa w systemach operacyjnych i przeglądarkach. Znaleziona przez Calif podatność dotyczyła jądra systemu — i co ciekawe, w notatkach do aktualizacji macOS 26.5, którą Apple wydało w tym tygodniu, pojawia się wzmianka o naprawionej luce kernelowej z podziękowaniem właśnie dla Calif i Anthropic. The Wall Street Journal jednak sugeruje, że spotkanie Calif z Apple odbyło się dopiero w tym tygodniu i poprawka może jeszcze nie być wdrożona. Apple poinformowało, że analizuje raport firmy Calif.

    Puenta jest jednak wyraźna: mały zespół z dostępem do najlepszego modelu AI jest w stanie w tydzień pokonać zabezpieczenie, które kosztowało Apple lata pracy i prawdopodobnie miliardy dolarów.

    Mac nigdy nie będzie tak bezpieczny jak iOS — i dobrze

    To dobry moment, żeby sięgnąć po opublikowaną tego samego dnia analizę Jasona Snella z Six Colors, która nadaje całej historii szerszy kontekst.

    Snell pisze, że Mac z założenia jest platformą otwartą — możesz na nim uruchomić dowolny kod z dowolnego źródła — i to jest coś, co sprawia, że Mac jest Makiem. Jednocześnie ta otwartość czyni go bardziej podatnym niż iOS, gdzie Apple kontroluje każdy fragment oprogramowania przez podpisywanie kodu, App Store i notaryzację. Od lat Apple prowadzi na macOS swoistą grę w krecika ze złośliwym oprogramowaniem: kiedy jedno wyjście zostaje zablokowane, scammerzy szukają kolejnego.

    Kiedy Apple utrudniło instalowanie nienotaryzowanych aplikacji, scammerzy zaczęli instruować użytkowników, jak ominąć ostrzeżenia. Kiedy Apple utrudniło to do granic możliwości, przenieśli się do Terminala — i właśnie dlatego macOS 26.4 wprowadził ostrzeżenia przy wklejaniu kodu do Terminala, z inteligentnym mechanizmem rozpoznającym, czy użytkownik jest programistą (i wtedy ostrzeżenie jest mniej natrętne), czy zwykłym użytkownikiem (i wtedy blokada jest surowsza). Sprawdzane są też złośliwe skrypty AppleScript.

    Do tego Apple przez ostatnie lata coraz mocniej kryptograficznie podpisuje partycje systemowe, ograniczyło uprawnienia kont administratorskich, wprowadza aktualizacje bezpieczeństwa w tle między normalnymi aktualizacjami systemu i — od macOS 26.4 — obowiązkowo synchronizuje klucze FileVault przez iCloud.

    Snell kończy optymistycznie: jeśli scammerzy zeszli do poziomu nakłaniania użytkowników do wklejania kodu w Terminal, to być może po latach zaciskania śruby Apple sprawiło, że instalowanie złośliwego oprogramowania na Maku stało się po prostu za trudne dla przeciętnego oszusta. I że obietnica złożona przez przedstawiciela Apple na WWDC w 2018 roku — że użytkownicy Maka zawsze będą mogli uruchomić dowolny kod — wciąż jest dotrzymana.

    #Anthropic #Bezpieczeństwo #ClaudeMythos #FileVault #Gatekeeper #JasonSnell #lukaBezpieczeństwa #macOS #macOSTahoe265 #notaryzacja #privilegeEscalation #ProjectGlasswing #SixColors #terminal
  25. Linux Flaw Exposes Systems to Root Privilege Attacks

    A newly discovered Linux kernel vulnerability, dubbed Fragnasia, allows hackers to gain root privileges and take control of your system - and it's been hiding in plain sight in all Linux kernels released before May 13, 2026. This high-severity flaw lets unprivileged attackers write malicious code into read-only files, giving…

    osintsights.com/linux-flaw-exp

    #LinuxKernelVulnerability #Cve202646300 #Fragnesia #EmergingThreats #PrivilegeEscalation

  26. #Fragnesia Made Public As Latest #Linux Local #PrivilegeEscalation #Vulnerability

    A new Linux local privilege escalation flaw called Fragnesia has been disclosed as a Dirty Frag-like vulnerability, allowing arbitrary byte writes into the #kernel page cache of read-only files through a separate ESP/XFRM logic bug.
    #dirtyfrag #security

    linux.slashdot.org/story/26/05

  27. #Fragnesia Made Public As Latest #Linux Local #PrivilegeEscalation #Vulnerability

    A new Linux local privilege escalation flaw called Fragnesia has been disclosed as a Dirty Frag-like vulnerability, allowing arbitrary byte writes into the #kernel page cache of read-only files through a separate ESP/XFRM logic bug.
    #dirtyfrag #security

    linux.slashdot.org/story/26/05

  28. Linux Defenders Scramble to Outpace Exploit Cycle

    Linux defenders are racing against the clock to outmaneuver exploiters, with one maintainer proposing a temporary "kill switch" to disable vulnerable kernel functions until a proper patch can be developed. This stopgap solution aims to buy crucial time between vulnerability discovery and patch release.

    osintsights.com/linux-defender

    #LinuxKernelExploit #EmergingThreats #Cve202643284 #PrivilegeEscalation #VulnerabilityManagement

  29. 🚨 Oh no, not another "all versions" #bug in FreeBSD! 🎉 Apparently, executing a program in your own system is now a privilege escalation 🧙‍♂️✨ Bravo to FreeBSD's stellar security team for fixing a problem that they didn't know existed until Ryan from Calif.io came along to enlighten them. 🙃🔒
    freebsd.org/security/advisorie #FreeBSD #PrivilegeEscalation #SecurityFix #HackerNews #Califio #HackerNews #ngated

  30. And here's another one:
    github.com/0xdeadbeefnetwork/C

    This one is not fixed by f4c50a40, so all current kernels are vulnerable. Looks like mitigation is possible by blocking kernel modules `esp4` + `esp6` here as well (and breaking #IPSec in doing so). Can someone confirm?

    Why is it called "Electric Boogaloo"… is this a #DonaldByrd fan? Were they inspired by this week's @thekalimerashow shows??

    #privilegeescalation #linux #vulnerability #linuxadmin #sysadmin #exploit #copyfail2 #electricboogaloo

  31. Here we go again :-/ Another deterministic #privilegeescalation bug in the #Linux kernel. Make sure you're using at least the following version of your branch to mitigate against #dirtyfrag:

    - 7.0.5
    - 6.18.28
    - 6.12.87
    - 6.6.138
    - 6.1.171
    - 5.15.205
    - 5.10.255

    6.19 is eol, so it probably won't get patched. Remove and blocklist the following modules if you have to use an unpatched kernel: esp4 esp6 rxrpc

    See github.com/V4bel/dirtyfrag/blo for more info.

    #vulnerability #linuxadmin #sysadmin #exploit

  32. Copy fail : depuis 2017, une faille dans le noyau Linux permettait à un utilisateur de passer root.

    30 avril 2026 - Martin Clavey

    Depuis 2017, une vulnérabilité dans le module cryptographique authencesn du noyau Linux laissait à un compte d’un simple utilisateur la possibilité de passer en root. Elle concerne la plupart des grandes distributions jusqu’au déploiement du patch, qui est déjà en cours.

    1/

    next.ink/236230/copy-fail-depu

    #Linux #CopyFail #Xint #Root #authencesn #SuperUser #Docker #Kubernetes #Vulnerability #Debian #Python #Patch #Cybersecurity #InfoSec #Data_Breach #PrivilegeEscalation #Privilege #Kernel #AEAD #AuthenticatedEncryption

  33. Linux Privilege Escalation Cheat Sheet: Techniques and Prevention.

    In this cheat sheet, I break down essential enumeration commands, common escalation paths, and practical techniques every security professional should know.
    denizhalil.com/2025/06/30/linu

    #CyberSecurity #LinuxSecurity #PrivilegeEscalation #Pentesting #RedTeam #BlueTeam #InfoSec #ethicalhacking #SecurityEngineering #itsecurity

  34. I couldn't find a list of #Linux #kernel versions that include a patch for #copyfail, so I dug into the commit log and made one. Make sure you're using at least the following version of your branch to mitigate against copyfail:

    - 7.0-rc7 (any stable 7.x is safe)
    - 6.19.12
    - 6.18.22
    - 6.12.85
    - 6.6.137
    - 6.1.170
    - 5.15.204
    - 5.10.254

    See copy.fail for more info about the #exploit.

    #privilegeescalation #vulnerability #cryptography #linuxadmin #sysadmin