🚨 Critical Linux Kernel Vulnerability Alert Qualys has disclosed ssh-keysign-pwn: a 6-year race condition in __ptrace_may_access() that lets unprivileged local users read root-owned files. A privileged process (e.g. ssh-keysign or chage) opens sensitive FDs. During do_exit(), after exit_mm() (mm=NULL) but before exit_files(), pidfd_getfd() can steal those FDs. Impact: • Theft of host SSH private keys → real impersonation & MitM risk until keys are rotated
• Full read access to /etc/shadow → offline password cracking Affected: All kernels before 31e62c2ebbfd (May 14, 2026) — Ubuntu, Debian, Arch, CentOS, Raspberry Pi OS and more. Immediate action required: Apply the kernel patch NOW. 🔗 PoC: github.com/0xdeadbeefnetwork…
🔗 Patch: git.kernel.org/…/31e62c2ebbfd
🔗 Full analysis: Phoronix & Qualys oss-security #LinuxSecurity #KernelVulnerability #CyberSecurity #InfoSec #OpenSSH #PrivilegeEscalation #ThreatIntelligence #Linux #CyberThreat #PatchNow

Microsoft Brokering File System Elevation of Privilege Vulnerability #MicrosoftBFS #UseAfterFree #ElevationOfPrivilege #KernelVulnerability #CVE202529970 pixiepointsecurity.com/blog/…

🔴 محققان امنیتی تیم SAFA چهار آسیب‌پذیری سرریز پشته هسته (Kernel Heap Overflow) را در آنتی‌ویروس Avast کشف کرده‌اند که همگی در درایور هسته aswSnx ردیابی شده‌اند. #Avast #Antivirus #SandboxEscape #PrivilegeEscalation #KernelVulnerability #CVE_2025_13032 takian.ir/news/news-آ%D…

🏴‍☠️🚨 Alleged Sale of 0Day EDR Killer Kernel Vulnerability On a popular darkweb forum, a threat actor claims to be selling a 0day driver vulnerability that allows unrestricted reading and writing of physical memory. The offering includes the driver and the complete source code of a C framework, which enables any usermode application to call any kernel function exported by ntoskrnl.exe. This unpatched vulnerability poses a significant risk to endpoint detection and response systems. #0Day #KernelVulnerability #EDRKiller #CyberSecurity

Exploiting AMD atdcm64a.sys arbitrary pointer dereference – Part 1 #AMDexploit #arbitrarypointer #kernelvulnerability #privilegeescalation #IDAreverse security.humanativaspa.it/ex…

Conquering the memory through io_uring - Analysis of CVE-2023-2598 #MemoryConquered #io_uringCVE #AnatomicalPrecision #KernelVulnerability #PowerfulExploitation anatomic.rip/cve-2023-2598/

Researchers have already found a way to bypass one of the new privacy features in Apple's latest macOS release, Mojave. buff.ly/2DyyI0E by Lucian Constantin @lconstantin #kernelvulnerability #macosmojave #securitybypass #servernameindication #tlsextension