this post was submitted on 11 Jul 2026
71 points (96.1% liked)
Linux
14269 readers
493 users here now
A community for everything relating to the GNU/Linux operating system (except the memes!)
Also, check out:
Original icon base courtesy of lewing@isc.tamu.edu and The GIMP
founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Privilege detection can be detected (i.e. by having a certain application run as root), if you have a piece of software try out a bunch of things (fuzzer, or more recently an LLM-in-a-loop) until this detection is triggered - evidence of actual success, even when things like LLMs are prone to 'hallucinations' (or lies) - you've got evidence of an exploit.
We have reached a point where this methodology is applied to a bunch of codebases, with some technological advances making it more capable and faster, hence the larger number of exploits being found.
I know, but why is all just lpe? Or just lpe that reported?
I have seen others too, I think that the difference lies in that privilege escalation is just more critical and hence prominent.