Tag

Privilegeescalation

All articles tagged with #privilegeescalation

Copy Fail exposes Linux to root by exploiting kernel crypto path
security, 3 hours ago

Security researchers disclosed Copy Fail (CVE-2026-31431), a Linux local privilege-escalation flaw in the algif_aead kernel module that lets an unprivileged user corrupt a page cache and elevate to root across major distributions since 2017. The issue is portable, cross-container, and can be triggered with a small Python script, prompting advisories from major distros. Exploitation is local (not remote) but remains highly dangerous due to its ease and wide impact.

"CherryLoader Malware: Mimicking CherryTree for Privilege Escalation"
cybersecurity, 2 years ago

A new Go-based malware loader called CherryLoader has been discovered, masquerading as the legitimate CherryTree note-taking application, to deliver privilege escalation tools such as PrintSpoofer and JuicyPotatoNG onto compromised hosts for follow-on exploitation. It packs modularized features that allow threat actors to swap exploits without recompiling code and uses encryption methods and anti-analysis techniques to evade detection. The loader is distributed through a RAR archive file and leverages fileless techniques for execution, ultimately setting up persistence on the host and disarming Microsoft Defender.