This post discloses the exploit of CVE-2022-27666, which achieves local privilege escalation on the latest Ubuntu Desktop 21.10.
Vulnerability Research on Low-Level Systems
Some of the CTF challenges, robotics things, and other projects I've done
Let's kick things off with a modern-day staple for local privilege escalation (LPE) in Linux Kernel Exploitation, modprobe_path.
Part 1 in a small series of posts covering the development of kernel exploit primitives, demonstrated with a few bugs in the Mediatek MT76xx wifi driver.
While source code is critical for user autonomy, it isn't required to evaluate software security or understand run-time behavior.
While source code is critical for user autonomy, it isn’t required to evaluate software security or understand run-time behavior. One of the biggest parts of the Free and Open Source Software definitions is the freedom to study a program and modify it; in other words, access to editable source code. I agree that such access is essential; however, far too many people support source availability for the wrong reasons. One such reason is that source code is necessary to have any degree of transparency into how a piece of software operates, and is therefore necessary to determine if it is at all secure or trustworthy.