Privilege detection can be detected (i.e. by having a certain application run as root), if you have a piece of software try out a bunch of things (fuzzer, or more recently an LLM-in-a-loop) until this detection is triggered - evidence of actual success, even when things like LLMs are prone to ‘hallucinations’ (or lies) - you’ve got evidence of an exploit.
We have reached a point where this methodology is applied to a bunch of codebases, with some technological advances making it more capable and faster, hence the larger number of exploits being found.
Yes. AI bug searches are proving very fruitful. Linux is going to be so much more secure in future
What’s going to be exciting is when AI can read binaries as well as it reads code, then we get the same quantity of bugs but for windows and Apple and all the phones
Fun thing with this bug is that sandboxes and containers can’t save you — any process that can execute local code can run this exploit and get root.
Is this year of local privilege escalation?
There has always been new local privilege escalation bugs every month on Linux, and they’re not a big deal.
Privilege detection can be detected (i.e. by having a certain application run as root), if you have a piece of software try out a bunch of things (fuzzer, or more recently an LLM-in-a-loop) until this detection is triggered - evidence of actual success, even when things like LLMs are prone to ‘hallucinations’ (or lies) - you’ve got evidence of an exploit.
We have reached a point where this methodology is applied to a bunch of codebases, with some technological advances making it more capable and faster, hence the larger number of exploits being found.
I know, but why is all just lpe? Or just lpe that reported?
You must first gain access before anything else.
I have seen others too, I think that the difference lies in that privilege escalation is just more critical and hence prominent.
Yes. AI bug searches are proving very fruitful. Linux is going to be so much more secure in future
What’s going to be exciting is when AI can read binaries as well as it reads code, then we get the same quantity of bugs but for windows and Apple and all the phones
Fun thing with this bug is that sandboxes and containers can’t save you — any process that can execute local code can run this exploit and get root.