Mastodawn

I made a static website generator that indexes #linux #kernel configs from various linux #distro s so that you could easily query a kconfig entry to check which distros enabled it.

Check it out at https://kconfigwtf.kxxt.dev/

It is useful for #security, e.g. when you need to check if your kernel is vulnerable to a new #LPE because it enabled certain vulnerable modules.

1/3

jurimurati May 30

🚨 Dirty Frag CVE-2026-43284: Linux Kernel LPE Under Active Attack

Actively exploited Linux kernel vulnerability targeting memory-fragment handling. Enables root access via SSH, web shells, or containers.

Analysis covers:
• How the kernel exploit works
• Active exploitation status
• Detection strategies
• Mitigation guidance

https://cyber.murati.net

#cybersecurity #infosec #Linux #LPE #kernelsecurity #CVE

CyberSec Insights — Cybersecurity Intelligence Blog

In-depth cybersecurity analysis, threat intelligence, and security research for professionals defending against advanced threats.

CyberSec Insights

histrio May 28

https://heyitsas.im/posts/cifswitch/

And another one #Linux #LPE #cifswitch
The #PoC #exploit is at large. The kernel patch is public (vendors are adapting it right now I guess). No CVE is assigned yet.

CIFSwitch: a non-universal Linux local root vulnerability

Harnessing LLMs into composing complex, multihop vulnerability chains to discover CVE-2026-46243

Hey, it's Asim

Analyst207 May 24

AI-Discovered Bugs Expose Linux Security Trend

Linux is facing a surge in security vulnerabilities, with two high-risk kernel-level flaws uncovered just days apart - a trend that's expected to continue, potentially forcing companies to reboot servers on a weekly basis. These recently publicized issues, including Dirty Frag, Copy Fail, and Fragnesia, are linked by a common weakness in the…

https://osintsights.com/ai-discovered-bugs-expose-linux-security-trend?utm_source=mastodon&utm_medium=social

#LinuxSecurity #LinuxPrivilegeEscalation #PageCache #KernelVulnerabilities #Lpe

AI-Discovered Bugs Expose Linux Security Trend

Discover the Linux security trend behind recent bugs like Dirty Frag and Fragnesia, learn how page-cache flaws affect multiple distros, and prepare your servers - read the expert analysis now.

OSINTSights

CyberNetsecIO May 23

📰 New 'MiniPlasma' Windows Zero-Day Resurrects Patched Flaw for Full System Control

⚠️ Unpatched Windows zero-day 'MiniPlasma' grants full SYSTEM access! A regression of a 2020 flaw, the PoC exploit works on fully patched Win11 systems. No patch available. #Windows11 #ZeroDay #CyberSecurity #LPE

🌐 cyber[.]netsecops[.]io

🔗 https://cyber.netsecops.io/articles/miniplasma-windows-zero-day-revives-patched-flaw-for-system-privilege-escalation/?utm_source=mastodon&utm_medi…

Tony “Abolish ICE” Arcieri🌹🦀May 20

Anyone remember circa 2008-2010 or so there was a period of a lot of Linux LPEs, e.g. vmsplice, but also mremap and half-nelson/full-nelson?

It's feeling like that time again...

#linux #security #lpe

Show thread

adlerweb // BitBastelei May 20

…and again and again…
https://github.com/v12-security/pocs/tree/main/pintheft
#LPE #PinTheft

pocs/pintheft at main · v12-security/pocs

poc it like it's hot. Contribute to v12-security/pocs development by creating an account on GitHub.

GitHub

Mike Ely May 20

I'm starting to wonder if this steady drip-drip of #LPE vulnerability releases isn't a kind of Denial-of-Sysadmin attack, in which people get so exhausted from mitigating yesterday's LPE only to find a new one today that they basically start to run out of spoons and leave their systems vulnerable. #sysadmin

histrio May 19

A fresh one

https://github.com/v12-security/pocs/tree/09e835b587bf71249775654061ae4c79e92cf430/pintheft

No major distro is currently default-exposed to this PoC as written:
- anything on a kernel below 6.13 (Debian 13, Ubuntu LTS) lacks the required primitive
- enterprise distros (RHEL/Alma/Rocky) strip RDS entirely

#LPE #pintheft