RC RANDOM CHAOS

kernel-security

4 posts

CVE-2023-2163 is now a config file away
Article

CVE-2023-2163 is now a config file away

Zeroserve exposes eBPF program loading through an HTTP scripting surface. The kernel verifier becomes the trust boundary for every web request.

A binary that hands kernel hooks to anyone
Article

A binary that hands kernel hooks to anyone

Zeroserve packages kernel-adjacent execution surface under userspace pipelines. The artifact crosses a privilege boundary the pipeline was not scoped to see.

Fragnesia is already loose
Article

Fragnesia is already loose

Fragnesia Linux privilege escalation has a public PoC. The kernel trust boundary is conditional on patch state. What must now be true.

Third party broke kernel LPE embargo
Article

Third party broke kernel LPE embargo

A kernel LPE entered public circulation when a third party broke the disclosure embargo. The control under review was the agreement, not the patch.