GigaTap articles tagged linux.
- Tails 7.8 closes privilege-escalation paths - Tails 7.8 fixes kernel and haveged vulnerabilities that could let an application gain admin privileges. Existing users should upgrade carefully to preserve
- VU#980487: Dirty Frag Kernel LPE in Linux - A local Linux kernel vulnerability, Dirty Frag, enables privilege escalation via IPv4/IPv6 fragment reassembly flaws. Patching and module mitigation advise
- CIFSwitch turns local Linux access into a root risk - A new Linux kernel security advisory points to local privilege escalation through CIFS key handling. The practical work is checking exposure, vendors, and
- Linux 7.1-rc5 Is a Test Signal, Not a Stable Green Light - Kernel.org now lists Linux 7.1-rc5 as the current mainline release candidate. Useful for testing and planning, but not a production stability signal.
- Linux gets age-check carve-outs as state laws meet reality - California and Colorado are revising age-verification rules so open-source operating systems, repositories, and container platforms are not treated like ce
- Copy.Fail Shows Why “Local” Linux Bugs Are Not Local - Copy.Fail is reported as a Linux kernel privilege escalation with a working PoC. The risk is not just root on one box, but shared kernels across containers
- Chainguard lowers RPM friction for regulated Linux teams - Chainguard’s RHEL 9/10 RPM support and FINOS membership point to a practical goal: make secure Linux modernization less disruptive for financial institutio
- Copy Fail Patch Alert: Stale Linux Images Still Put Cloud Workloads at Risk - The Linux “Copy Fail” exploit has a patch, but cloud and container estates can keep vulnerable code alive through stale images.
- Dirty Frag: Public Linux Root PoC Before Patch Clarity - A public Linux local root PoC raises risk because the chain is reported as reliable, deterministic, and not yet clearly patched.
- The new ~/Projects default and a week of Linux supply-chain reality - A new standard Projects directory is meant to become an app default, not just a personal habit. The same weekly digest also flags a PyPI workflow breach, a
- Dirty Frag: a Linux root chain that sidesteps “safe defaults” - A reported unpatched Linux kernel LPE (CVE-2026-31431) chains xfrm/ESP and RxRPC page-cache writes, aiming to reach root across common distro configuration
- 100% package test coverage is the point, not the slogan - Chainguard says its OS tests every package automatically, with 100% package test coverage. The useful question is not whether that sounds good, but what it
- Dirty Frag raises the cost of a Linux foothold - Microsoft says Dirty Frag is a Linux local privilege escalation issue that can turn limited access into root through kernel networking paths. Here is what
- pwncat Practical Guide: Reverse Shell Handling, Enumeration, and Post-Exploitation - A hands-on guide to pwncat for stabilizing shells, enumerating hosts, and managing post-exploitation workflows.
- Cloudflare’s Copy Fail Response: What Operators Should Infer - Cloudflare says it mitigated a critical Linux kernel priv-esc with zero customer impact; here’s what that does—and doesn’t—prove.
- zapret2 (anti-DPI) Beginner Guide: Install, Intercept, and Apply Strategies Safely - A beginner-friendly zapret2 guide: install it, redirect only the right packets, and apply anti-DPI strategies on Linux/Windows.