kernel-security
4 posts
Article
CVE-2023-2163 is now a config file away
Zeroserve exposes eBPF program loading through an HTTP scripting surface. The kernel verifier becomes the trust boundary for every web request.
Article
A binary that hands kernel hooks to anyone
Zeroserve packages kernel-adjacent execution surface under userspace pipelines. The artifact crosses a privilege boundary the pipeline was not scoped to see.
Article
Fragnesia is already loose
Fragnesia Linux privilege escalation has a public PoC. The kernel trust boundary is conditional on patch state. What must now be true.
Article
Third party broke kernel LPE embargo
A kernel LPE entered public circulation when a third party broke the disclosure embargo. The control under review was the agreement, not the patch.