Tag: privilege-escalation (4)

Learning Stuff

Getting Started With Linux Kernel Exploitation

linux kernel kernel-module qemu privilege-escalation bypass-seccomp
December 27, 2025 December 6, 2025 Research
CVE Reproduction

Reproducing Nimbuspwn: Linux Privilege Escalation via Path Traversal and TOCTOU in networkd-dispatcher

A technical walkthrough of reproducing Nimbuspwn (CVE-2022-29799 and CVE-2022-29800), privilege escalation vulnerabilities in networkd-dispatcher exploiting path traversal and TOCTOU race...

Vulnerability: toc-tou race condition; unsanitized path; improper check for symlink

path-traversal toc-tou race-condition code-review linux privilege-escalation from-day-zero-to-zero-day d-bus systemd-networkd networkd-dispatcher sink-to-source cve-2022-29799 cve-2022-29800
December 22, 2025 November 9, 2025 Research
CVE Reproduction

Reproducing CVE-2020-8831: Privilege Escalation via Symlink Attack on Apport's Lock File Implementation

CVE-2020-8831 is a vulnerability where an attacker can create a symlink at /var/lock/apport, redirecting Apport's lock file location and leading...

Vulnerability: using hardcoded path without checking for symlink

symlink lock-file apport cve-2020-8831 privilege-escalation linux from-day-zero-to-zero-day code-review
December 22, 2025 November 8, 2025 Research
CTF > PicoCTF > picoCTF 2023

pwn - tic-tac

Someone created a program to read text files; we think the program reads files with root privileges but apparently it...

Vulnerability: toc-tou race condition

race-condition toc-tou privilege-escalation
December 22, 2025 October 9, 2025 Hard