this post was submitted on 11 Jul 2026
70 points (96.1% liked)
Linux
14269 readers
493 users here now
A community for everything relating to the GNU/Linux operating system (except the memes!)
Also, check out:
Original icon base courtesy of lewing@isc.tamu.edu and The GIMP
founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Is this year of local privilege escalation?
Privilege detection can be detected (i.e. by having a certain application run as root), if you have a piece of software try out a bunch of things (fuzzer, or more recently an LLM-in-a-loop) until this detection is triggered - evidence of actual success, even when things like LLMs are prone to 'hallucinations' (or lies) - you've got evidence of an exploit.
We have reached a point where this methodology is applied to a bunch of codebases, with some technological advances making it more capable and faster, hence the larger number of exploits being found.
I know, but why is all just lpe? Or just lpe that reported?
I have seen others too, I think that the difference lies in that privilege escalation is just more critical and hence prominent.
Yes. AI bug searches are proving very fruitful. Linux is going to be so much more secure in future
What's going to be exciting is when AI can read binaries as well as it reads code, then we get the same quantity of bugs but for windows and Apple and all the phones
Fun thing with this bug is that sandboxes and containers can't save you — any process that can execute local code can run this exploit and get root.