Linux Privilege Escalation
Linux Privilege EscalationCVE-2021-3156 > Exploiting heap-based buffer overflow in sudo for privilege escalation
Improper handling of escaped space leads to copying data pass null terminator, causing buffer overflow on the heap.
March 19, 2026
•
nday
Linux Privilege EscalationNimbuspwn > Linux LPE via Path Traversal and TOCTOU in networkd-dispatcher
Nimbuspwn breaks the invariant that “networkd-dispatcher only executes trusted root-owned scripts from its own hooks directory,” which is violated when an attacker first escapes the hooks path via directory traversal and then swaps the checked script path between validation and execution via a TOCTOU race to get arbitrary code run as root.
November 9, 2025
•
nday
The end.