Tag

Root Access

All articles tagged with #root access

security12 days ago•5 min saved

AI-Discovered Fragnesia: a new Linux kernel flaw that could grant root access

AI-assisted disclosure reveals Fragnesia, the third major Linux kernel local root vulnerability in two weeks, which lets an unprivileged user corrupt the kernel page cache via ESP-in-TCP and escalate to root; a PoC exists and Red Hat assigns a CVSS of 7.8. Upstream patches are available but not yet in distros as of May 13, and mitigations include disabling esp4/esp6/rxrpc or constraining user namespaces—though these can break IPsec or rootless containers. Patches are expected soon (around May 14) as AI bug detection accelerates the discovery of new flaws.

via ZDNET|

#kernel #linux #privilege-escalation

technology17 days ago•4 min saved

Dirty Frag: Linux zero-day chains kernel flaws to grant root on major distros

A new Linux local privilege escalation called Dirty Frag chains two kernel page-cache write flaws (xfrm-ESP and RxRPC) to gain root on most major distributions; a PoC and full documentation were released after an embargo was breached. Patches are not yet available; mitigations involve disabling esp4, esp6, and rxrpc modules (which breaks IPsec VPNs). CVEs are CVE-2026-43284 and CVE-2026-43500; CISA warns about similar risks and urges patching and mitigation where possible.

via BleepingComputer|

#kernel #linux #root-access

security23 days ago•3 min saved

Linux Copy Fail flaw exploited to gain root across major distros, CISA warns

CISA warns that the Copy Fail vulnerability (CVE-2026-31431) in the Linux kernel’s algif_aead interface is being exploited to obtain root privileges on unpatched systems, with a PoC shown for Ubuntu 24.04 LTS, Amazon Linux 2023, RHEL 10.1, and SUSE 16. Patches are rolling out across major distros; CISA added the flaw to the Known Exploited Vulnerabilities catalog and urges prompt patching per vendor guidance under BOD 22-01, following earlier patches like Pack2TheRoot.

via BleepingComputer|

#cisa #copy-fail #cve-2026-31431

security1 month ago•3 min saved

Pack2TheRoot Flaw Lets Local Linux Users Gain Root via PackageKit

A high‑severity vulnerability in the PackageKit daemon, named Pack2TheRoot (CVE-2026-41651), could allow a local Linux user to install or remove system packages with root privileges without proper authentication. The flaw spans PackageKit versions 1.0.2 through 1.3.4 and is fixed in 1.3.5; researchers warn that many distros using PackageKit could be affected. Users should upgrade to PackageKit 1.3.5 and verify installations using commands like dpkg -l | grep -i packagekit or rpm -qa | grep -i packagekit, and ensure the PackageKit daemon is running (systemctl status packagekit or pkmon). Patch details have not been disclosed to aid propagation, and exploitation could crash the daemon, making indicators visible in logs.

via BleepingComputer|

#linux #packagekit #root-access

network-security10 months ago•1 min saved

Critical Cisco Vulnerability in Unified CM Exposes Root Access and Urges Phone Replacement

Cisco has issued security updates for a critical vulnerability (CVE-2025-20309) in Unified Communications Manager that allows attackers to gain root access using static credentials, potentially leading to severe network compromise. The flaw affects multiple versions and was discovered during internal testing, with no evidence of active exploitation yet.

via The Hacker News|

#cisco #cve-2025-20309 #network-security

cybersecurity11 months ago•3 min saved

CISA Warns of Active Linux Kernel Privilege Escalation Vulnerabilities Exploited in the Wild

Cybersecurity researchers have discovered two critical local privilege escalation flaws in Linux distributions, allowing unprivileged users to gain root access via PAM and udisks, with potential for system compromise. Patches are recommended to mitigate these vulnerabilities.

via The Hacker News|

#cybersecurity #linux-vulnerabilities #pam-flaw

technologysecurity2 years ago•1 min saved

"Critical Root Access Flaw Discovered in Glibc Library on Major Linux Distros"

A new security flaw in the GNU C library (glibc) allows local attackers to gain root access on Linux machines, impacting major distributions like Debian, Ubuntu, and Fedora. The vulnerability, tracked as CVE-2023-6246, is a heap-based buffer overflow in the __vsyslog_internal() function and was accidentally introduced in glibc 2.37. Further analysis also revealed two more flaws in the same function and a bug in the qsort() function, affecting all glibc versions released since 1992. This comes after a previous high-severity flaw in glibc was detailed by Qualys, emphasizing the critical need for strict security measures in software development.

via The Hacker News|

#cybersecurity #glibc #linux