We're slowly catching up to state-sponsored hackers…
Linux
A community for everything relating to the GNU/Linux operating system (except the memes!)
Also, check out:
Original icon base courtesy of lewing@isc.tamu.edu and The GIMP
Is this year of local privilege escalation?
Privilege detection can be detected (i.e. by having a certain application run as root), if you have a piece of software try out a bunch of things (fuzzer, or more recently an LLM-in-a-loop) until this detection is triggered - evidence of actual success, even when things like LLMs are prone to 'hallucinations' (or lies) - you've got evidence of an exploit.
We have reached a point where this methodology is applied to a bunch of codebases, with some technological advances making it more capable and faster, hence the larger number of exploits being found.
I know, but why is all just lpe? Or just lpe that reported?
Yes. AI bug searches are proving very fruitful. Linux is going to be so much more secure in future
What's going to be exciting is when AI can read binaries as well as it reads code, then we get the same quantity of bugs but for windows and Apple and all the phones
Fun thing with this bug is that sandboxes and containers can't save you — any process that can execute local code can run this exploit and get root.