HackingPassion.comKernel-Security
4 posts
OpenBSD Let Attackers Log In With an Empty Password for 27 Years
A 27-year-old flaw in OpenBSD let attackers bypass its PPP login with nothing more than an empty username and an empty password. Hand a vulnerable system a …
ssh-keysign-pwn Lets Any Linux User Steal SSH Keys and Password Hashes Without Root
ssh-keysign-pwn is a newly disclosed Linux kernel vulnerability that gives any unprivileged local user direct access to the SSH host private keys of a server …
Dirty Frag Gives Root Access on Every Major Linux Distribution
A new Linux zero-day called Dirty Frag gives any local user full root access on every major Linux distribution, and right now no distribution has a patched …
Copy Fail CVE-2026-31431: Nine Years of Root Access Hidden in the Linux Kernel
Since 2017, every major Linux distribution has been shipping a flaw that hands root access to any local user. The exploit is a 732-byte Python script that uses …