#linux
4 posts tagged #linux.
-
Analysis · Jun 17, 2026 · Colten Anderson
regreSSHion proved 'hard to exploit' is not a patch window
CVE-2024-6387 got filed under 'low priority' because it's slow on 64-bit. The CVSS score measured exploit difficulty, not what a root RCE in sshd actually puts at risk.
-
Analysis · May 20, 2026 · Colten Anderson
The fix shipped in 2015. The CVE came in 2017. The deadline landed in 2024.
CVE-2017-1000253 is a Linux kernel privilege escalation that was already patched upstream two years before it got a CVE. It got a federal deadline the same year CentOS 7 died. 'Patched upstream' never meant 'patched on your box.'
-
Analysis · May 20, 2026 · Colten Anderson
The Linux firewall bug your users can reach because you gave them a private root
CVE-2024-1086 is an nf_tables use-after-free that hands a local user root. The reason an unprivileged user can touch the kernel's packet-filtering engine at all is unprivileged user namespaces, and turning those off defuses a whole class of these bugs at once.
-
Analysis · May 3, 2026 · Colten Anderson
Copy Fail is a 732-byte root shell. Patch your Linux fleet this week.
CVE-2026-31431 is a deterministic privilege escalation in the Linux kernel affecting versions 4.14 through 6.19. A Python script gives any local user root. Every major distro is affected, containers don't help, and the mitigation is trivial.