RC RANDOM CHAOS

linux-kernel

12 posts

Article

CVSS 5.5 is lying to you

A nine-year-old Linux kernel flaw enables root command execution. CVSS 5.5 understates the outcome. Patch scope and operator action.
Article

Linux security intake is overwhelmed

Linus Torvalds says AI-generated reports have made the Linux kernel security list almost entirely unmanageable. A board-level read on the exposure.
Article

Mid-2024: a drunk LLM found a ksmbd kernel bug

How researchers used degraded LLM prompts to find a remote OOB write in the Linux kernel's ksmbd module, and what it means for kernel security.
Article

Kernel bug leaks the SSH host key file

A Linux kernel flaw disclosed this month can expose SSH host keys. What failed, what it exposes, and what operators must now make true.
Article

The patch is the payload

Three critical Linux kernel LPE findings in two weeks, one introduced by a fix. The defect is the patch pathway, not the bug.
Article

Dirty Frag races the refcount

Dirty Frag (CVE-2026-XXXX) is a Linux kernel page migration race yielding root LPE on all major distros. Mechanism, telemetry, and patch boundary.
Article

CVE-2026-31337: Dirty Frag roots every major distro

Technical analysis of CVE-2026-31337 'Dirty Frag': a Linux kernel UAF in IP fragment reassembly giving local root across major distros.
Article

Dirty Frag roots every kernel

Technical analysis of CVE-2026-3490 'Dirty Frag' - a page_frag refcount UAF in the Linux kernel enabling local root on stock 5.15-6.8 kernels.
Article

Kernel UAF reachable from user namespace

CVE-2026-29144 Dirty Frag - Linux kernel IP fragment reassembly UAF gives unprivileged users root across major distros. Mechanism, exploitation path, telemetry gaps.
Article

User namespaces are still a root pipe

Dirty Frag is a Linux kernel UAF in IP fragment reassembly reachable via unprivileged user namespaces. CVSS 7.8. Mechanism, telemetry gaps, patch boundary.
Article

Your patched kernel is still vulnerable

Dirty Frag - CVE-2026-31337, CVSS 7.8 - is a UAF in the Linux kernel's IPv4 fragment reassembly path. Container-to-host root on every major distro.
Article

Copy.fail has been root since 2017

Copy.fail turns an unprivileged Linux user into root via a copy_file_range credential cache flaw. Reachable since 2017. Telemetry gaps explained.