干货福利，第一时间送达！ 最近有小伙伴说没有收到当天的文章推送，这是因为微信更改了推送机制，导致没有星标公众号的小伙伴刷不到当天推送的文章，无法接收到一些比较实用的知识和资讯。所以建议大家加个星标⭐️，以后就能第一时间收到推送了。

The power to grab root privileges is the ultimate evil in Unix and Linux systems. Kevin Backhouse, a member of the GitHub Security Lab, found the polkit security hole in the course of his duties. He ...

近日，Qualys的研究人员发现了一种新的Linux漏洞名为“Looney Tunables”，追踪编号为CVE-2023-4911，利用该漏洞，研究人员已经成功获得了Fedora、Ubuntu和Debian等主流发行版系统的完全root权限，而其他发行版也可能会受到该漏洞的影响··· 近日，Qualys的研究人员发现 ...

广泛使用的 Sudo 工具中存在一个高危漏洞（CVE-2025-32463），随着概念验证（PoC）利用代码的公开，引发了全球 Linux 系统管理员的高度警惕。该漏洞影响 Sudo 1.9.14 至 1.9.17 版本的 chroot ...

A vulnerability in the Linux sudo command has been discovered that could allow unprivileged users to execute commands as root. Thankfully, this vulnerability only works in non-standard configurations ...

Unprivileged attackers can get a root shell by exploiting an authentication bypass vulnerability in the polkit auth system service installed by default on many modern Linux distributions. The polkit ...

There was a time when, to use a computer, you merely turned it on and were greeted by a command prompt. Nowadays, most operating systems offer a security model with multiple users. Typically, the ...

Sudo, the main command in Linux that allows users to run tasks, has been found to have a vulnerability that allows unauthorized users to execute commands as a root user. The vulnerability, known as ...

Vulnerabilities recently discovered by Microsoft make it easy for people with a toehold on many Linux desktop systems to quickly gain root system rights— the latest elevation of privileges flaw to ...

Topic ===== local root exploit in Linux kernel due to bug in brk() system call Problem Description ===== A flaw in bounds checking in the do_brk() function in the Linux kernel versions 2.4.22 and ...