home.social

#privilegeescalation — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #privilegeescalation, aggregated by home.social.

  1. Linux Flaw Exposes Systems to Root Privilege Attacks

    A newly discovered Linux kernel vulnerability, dubbed Fragnesia, allows hackers to gain root privileges and take control of your system - and it's been hiding in plain sight in all Linux kernels released before May 13, 2026. This high-severity flaw lets unprivileged attackers write malicious code into read-only files, giving…

    osintsights.com/linux-flaw-exp

    #LinuxKernelVulnerability #Cve202646300 #Fragnesia #EmergingThreats #PrivilegeEscalation

  2. #Fragnesia Made Public As Latest #Linux Local #PrivilegeEscalation #Vulnerability

    A new Linux local privilege escalation flaw called Fragnesia has been disclosed as a Dirty Frag-like vulnerability, allowing arbitrary byte writes into the #kernel page cache of read-only files through a separate ESP/XFRM logic bug.
    #dirtyfrag #security

    linux.slashdot.org/story/26/05

  7. 🚨 Oh no, not another "all versions" #bug in FreeBSD! 🎉 Apparently, executing a program in your own system is now a privilege escalation 🧙‍♂️✨ Bravo to FreeBSD's stellar security team for fixing a problem that they didn't know existed until Ryan from Calif.io came along to enlighten them. 🙃🔒
    freebsd.org/security/advisorie #FreeBSD #PrivilegeEscalation #SecurityFix #HackerNews #Califio #HackerNews #ngated

  12. Copy Fail Linux Privilege

    Copy Fail is a Linux kernel privilege escalation flaw. Learn who may be affected, why it matters, and how to update safely.

    beitmenotyou.online/copy-fail-

  14. And here's another one:
    github.com/0xdeadbeefnetwork/C

    This one is not fixed by f4c50a40, so all current kernels are vulnerable. Looks like mitigation is possible by blocking kernel modules `esp4` + `esp6` here as well (and breaking #IPSec in doing so). Can someone confirm?

    Why is it called "Electric Boogaloo"… is this a #DonaldByrd fan? Were they inspired by this week's @thekalimerashow shows??

    #privilegeescalation #linux #vulnerability #linuxadmin #sysadmin #exploit #copyfail2 #electricboogaloo

  15. Here we go again :-/ Another deterministic #privilegeescalation bug in the #Linux kernel. Make sure you're using at least the following version of your branch to mitigate against #dirtyfrag:

    - 7.0.5
    - 6.18.28
    - 6.12.87
    - 6.6.138
    - 6.1.171
    - 5.15.205
    - 5.10.255

    6.19 is eol, so it probably won't get patched. Remove and blocklist the following modules if you have to use an unpatched kernel: esp4 esp6 rxrpc

    See github.com/V4bel/dirtyfrag/blo for more info.

    #vulnerability #linuxadmin #sysadmin #exploit

  16. Copy fail: since 2017, a flaw in the Linux kernel allowed a user to become root.

    April 30, 2026 - Martin Clavey

    Since 2017, a vulnerability in the Linux kernel's authencesn cryptographic module allowed an ordinary user account to become root. It affects most major distributions until the patch, which is already being rolled out, is deployed.

    1/

    next.ink/236230/copy-fail-depu

    #Linux #CopyFail #Xint #Root #authencesn #SuperUser #Docker #Kubernetes #Vulnerability #Debian #Python #Patch #Cybersecurity #InfoSec #Data_Breach #PrivilegeEscalation #Privilege #Kernel #AEAD #AuthenticatedEncryption

  20. Copy fail: since 2017, a flaw in the Linux kernel allowed a user to become root.

    April 30, 2026 - Martin Clavey

    Since 2017, a vulnerability in the Linux kernel's authencesn cryptographic module allowed an ordinary user account to become root. It affects most major distributions until the patch, which is already being rolled out, is deployed.

    1/

    next.ink/236230/copy-fail-depu

    #Linux #CopyFail #XintIo #Root #authencesn #SuperUser #Docker #Vulnerability #Debian #Python #Patch #Cybersecurity #InfoSec #Data_Breach #PrivilegeEscalation #Privilege #Kernel #AEAD #AuthenticatedEncryption

  21. Linux Privilege Escalation Cheat Sheet: Techniques and Prevention.

    In this cheat sheet, I break down essential enumeration commands, common escalation paths, and practical techniques every security professional should know.
    denizhalil.com/2025/06/30/linu

    #CyberSecurity #LinuxSecurity #PrivilegeEscalation #Pentesting #RedTeam #BlueTeam #InfoSec #ethicalhacking #SecurityEngineering #itsecurity

  22. I couldn't find a list of #Linux #kernel versions that include a patch for #copyfail, so I dug into the commit log and made one. Make sure you're using at least the following version of your branch to mitigate against copyfail:

    - 7.0-rc7 (any stable 7.x is safe)
    - 6.19.12
    - 6.18.22
    - 6.12.85
    - 6.6.137
    - 6.1.170
    - 5.15.204
    - 5.10.254

    See copy.fail for more info about the #exploit.

    #privilegeescalation #vulnerability #cryptography #linuxadmin #sysadmin

  23. Sequence [TryHackMe] [Writeup]

    Room Info
    Name: Sequence
    Platform: TryHackMe
    Difficulty: Medium
    Link: https://tryhackme.com/room/sequence
    Description: Chain multiple vulnerabilities to take control of a system.

    Task 1: Challenge
    Robert made some last-minute updates to the review.thm website before heading off on vacation. He claims that the secret information of the financiers is fully protected. But are his defenses truly airtight? Your challenge is to exploit the vulnerabilities and gain complete control of the […]

    aredopseagle.wordpress.com/202

  24. Security Advisory Summary:
    SolarWinds Serv-U 15.5.4 patches four critical vulnerabilities:
    • CVE-2025-40538 – Broken access control → system admin creation + root RCE
    • Two type confusion flaws → root code execution
    • One IDOR vulnerability → elevated execution

    Attack prerequisites:
    High-privileged access required. Exploitation likely via credential compromise or chained privilege escalation.

    Exposure landscape:
    12K+ internet-facing instances observed (Shodan)
    File transfer platforms remain ransomware-favored entry vectors

    Historical context:
    Prior Serv-U CVEs exploited by ransomware groups and state-aligned actors.

    Immediate actions:
    - Patch to 15.5.4
    - Audit privileged accounts
    - Review FTP/SFTP exposure
    - Monitor for anomalous admin creation

    Source: bleepingcomputer.com/news/secu

    Follow us for tactical advisories and vulnerability intelligence.

    Comment with your detection or hardening recommendations.

    #Infosec #SolarWinds #ThreatIntel #CVE2025 #RCE #PrivilegeEscalation #BlueTeam #SecurityEngineering #AttackSurface #ZeroTrust

  28. @TilliAtHome I read that for desktops with Intel CPUs it only brings a 5% performance gain?! So I didn't look into it any further 🤔 I'll test it on an offline machine 👍 I left the assessment of the risk from, e.g., #spectre or #meltdown and possible attack vectors (#Angriffsvektoren) to others; now the question comes up for me again: how big is the risk for which usage scenarios?

    #itsec #malware #ransomware #phishing #privilegeescalation #linux #foreshadow #zombieload

  29. 🔥 Open-source project: Automated audit & hardening of Linux cron jobs (LPE detection & scripts)

    After several months of research and lab testing, I’m releasing a complete guide + scripts to detect and fix privilege escalation via misconfigured cron jobs on Linux (automated audit, exploitation examples, hardening tips, etc.).

    💡 Example: root shell on a cloud VM through a simple cron misconfiguration (see screenshot).

    For sysadmins, SecOps, pentesters, or anyone passionate about Linux security.

    👉 GitHub repo: github.com/privlabs/lpe-cron-m

    Feel free to test, comment, or contribute! Would love your feedback or stories of similar issues you’ve found.

    #linux #infosec #sysadmin #opensource #cybersecurity #privilegeescalation