Linux
Researchers Disclose "GhostLock," a 15-Year-Old Linux Flaw Enabling Root and Container Escape
Another long-standing Linux finding lands with defender-team implications across distributions and container platforms.
This tag is the central repository for intelligence regarding the open-source ecosystem powering cloud infrastructure and enterprise desktops. We track the unique security architecture of the Linux kernel and its distributions (Ubuntu, Fedora, Debian, Rocky), focusing on low-level memory safety and userspace daemon vulnerabilities.
Linux
Another long-standing Linux finding lands with defender-team implications across distributions and container platforms.
Vulnerabilities
A significant Google bounty award draws attention to a Linux virtualization finding — defender review continues this week.
Linux
A long-standing KVM finding lands with cloud-provider implications — defender posture review this week.
Linux
Researchers detailed pedit COW, CVE-2026-46331, a Linux kernel privilege-escalation flaw in the act_pedit traffic-control action — a second Linux disclosure in the same weekend as DirtyClone, with distribution patch tracking continuing.
Linux
Another Linux kernel research disclosure — distribution patch tracking work for the week. JFrog published a working exploit for DirtyClone, a local privilege escalation to root in the kernel networking stack, fixed upstream in late May.
Vulnerabilities
A lifecycle deadline that requires defender coordination with hardware vendors, as Microsoft's 2011-era Secure Boot certificates begin expiring across Windows and Linux environments.
Vulnerabilities
A 12-year-old TOCTOU bug in the Linux PackageKit daemon, now dubbed Pack2TheRoot (CVE-2026-41651), allows local users to silently install system packages and escalate to full root on many default-install Linux desktops and servers. BONN, GERMANY — Security researchers from Deutsche Telekom’s Red Team have disclosed