RC RANDOM CHAOS

privilege escalation

16 posts

Article

CVSS 5.5 is lying to you

A nine-year-old Linux kernel flaw enables root command execution. CVSS 5.5 understates the outcome. Patch scope and operator action.
Article

MiniPlasma PoC hands attackers SYSTEM on Windows

Public PoC for the MiniPlasma Windows flaw yields SYSTEM execution. What the local privilege boundary failure means for endpoint control posture.
Article

A handle, a token, a SYSTEM shell

MiniPlasma is not a kernel defect. It is the externally visible behaviour of a trust model that confuses reference with verification.
Article

The patch is the payload

Three critical Linux kernel LPE findings in two weeks, one introduced by a fix. The defect is the patch pathway, not the bug.
Article

Dirty Frag races the refcount

Dirty Frag (CVE-2026-XXXX) is a Linux kernel page migration race yielding root LPE on all major distros. Mechanism, telemetry, and patch boundary.
Article

Four Windows 11 zero-days on one desk

One researcher controls the release cadence on four Windows 11 zero-days, including BitLocker bypass yellowkey and LPE greenplasma.
Article

Patch status is not your risk variable

Operator brief on yellowkey and greenplasma, two public Windows 11 zero-days from the bluehammer and redsun researcher. What failed. What must now be true.
Article

CVE-2026-31337: Dirty Frag roots every major distro

Technical analysis of CVE-2026-31337 'Dirty Frag': a Linux kernel UAF in IP fragment reassembly giving local root across major distros.
Article

Dirty Frag roots every kernel

Technical analysis of CVE-2026-3490 'Dirty Frag' - a page_frag refcount UAF in the Linux kernel enabling local root on stock 5.15-6.8 kernels.
Article

Kernel UAF reachable from user namespace

CVE-2026-29144 Dirty Frag - Linux kernel IP fragment reassembly UAF gives unprivileged users root across major distros. Mechanism, exploitation path, telemetry gaps.
Article

User namespaces are still a root pipe

Dirty Frag is a Linux kernel UAF in IP fragment reassembly reachable via unprivileged user namespaces. CVSS 7.8. Mechanism, telemetry gaps, patch boundary.
Article

Your patched kernel is still vulnerable

Dirty Frag - CVE-2026-31337, CVSS 7.8 - is a UAF in the Linux kernel's IPv4 fragment reassembly path. Container-to-host root on every major distro.