morgen<p>Just published a proof-of-concept exploit for CVE-2025-32463, a new Linux privilege escalation vulnerability affecting sudo discovered and disclosed by Stratascale about 2 weeks ago.</p><p>The PoC is available on GitHub. A full technical writeup will be published on my blog soon.</p><p>GitHub: <a href="https://github.com/morgenm/sudo-chroot-CVE-2025-32463" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/morgenm/sudo-chroot</span><span class="invisible">-CVE-2025-32463</span></a></p><p><a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/ExploitDev" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ExploitDev</span></a> <a href="https://infosec.exchange/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> <a href="https://infosec.exchange/tags/PrivilegeEscalation" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PrivilegeEscalation</span></a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/Exploit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Exploit</span></a> <a href="https://infosec.exchange/tags/Rust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Rust</span></a> <a href="https://infosec.exchange/tags/PrivEsc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PrivEsc</span></a></p>
shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.
Administered by:
Server stats:
249active users
shakedown.social: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.3
#privesc
0 posts · 0 participants · 0 posts today
boredsquirrel<p><span class="h-card" translate="no"><a href="https://floss.social/@kde" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>kde@floss.social</span></a></span> <span class="h-card" translate="no"><a href="https://lemmy.kde.social/c/kde" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>kde@lemmy.kde.social</span></a></span> </p><p>Can you tell us what happens on the "sandbox all the things" goal?</p><p>I think this is a pretty crucial step forward, even though <a href="https://tux.social/tags/sandbox" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sandbox</span></a> technologies (most often through user namespaces) are more problematic than I initially thought.</p><p>(Basically, user <a href="https://tux.social/tags/namespaces" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>namespaces</span></a> open up <a href="https://tux.social/tags/privesc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privesc</span></a> dangers to the monolithic <a href="https://tux.social/tags/kernel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>kernel</span></a>, which is incredible. <a href="https://tux.social/tags/Android" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Android</span></a> and <a href="https://tux.social/tags/ChromeOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ChromeOS</span></a> use <a href="https://tux.social/tags/LXC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LXC</span></a>, mounts and <a href="https://tux.social/tags/SELinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SELinux</span></a> for <a href="https://tux.social/tags/sandboxing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sandboxing</span></a>)</p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload