this post was submitted on 11 Jul 2026
70 points (96.1% liked)

Linux

14269 readers
510 users here now

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 3 years ago
MODERATORS
top 6 comments
sorted by: hot top controversial new old
[–] softwarist@programming.dev 1 points 7 hours ago

We're slowly catching up to state-sponsored hackers

[–] refalo@programming.dev 3 points 12 hours ago
[–] far_university1990@reddthat.com 18 points 1 day ago (2 children)

Is this year of local privilege escalation?

[–] 8uurg@lemmy.world 11 points 1 day ago (1 children)

Privilege detection can be detected (i.e. by having a certain application run as root), if you have a piece of software try out a bunch of things (fuzzer, or more recently an LLM-in-a-loop) until this detection is triggered - evidence of actual success, even when things like LLMs are prone to 'hallucinations' (or lies) - you've got evidence of an exploit.

We have reached a point where this methodology is applied to a bunch of codebases, with some technological advances making it more capable and faster, hence the larger number of exploits being found.

[–] far_university1990@reddthat.com 3 points 15 hours ago

I know, but why is all just lpe? Or just lpe that reported?

[–] psud@aussie.zone 8 points 1 day ago* (last edited 1 day ago)

Yes. AI bug searches are proving very fruitful. Linux is going to be so much more secure in future

What's going to be exciting is when AI can read binaries as well as it reads code, then we get the same quantity of bugs but for windows and Apple and all the phones

Fun thing with this bug is that sandboxes and containers can't save you — any process that can execute local code can run this exploit and get root.