MITRE ATT&CK — FreeIntelHub

T1548 — Abuse Elevation Control Mechanism (Privilege Escalation)

128 articles found

Help Net Security Vulnerability Disclosure Linux May 11

Linux developers weigh emergency “killswitch” for vulnerable kernel functions

Linux kernel developers are reviewing a proposal for an emergency risk mitigation mechanism (“Killswitch”) that would allow administrators to disable vulnera...

T1548

Help Net Security →

CSO Online Vulnerability Disclosure Microsoft Linux May 11

New ‘Dirty Frag’ exploit targets Linux kernel for root access

A newly disclosed Linux privilege escalation issue dubbed “Dirty Frag” is giving attackers a cleaner path to post-compromise escalation to root privileges. A...

T1548

CSO Online →

Security Affairs Vulnerability Disclosure Amazon May 10

New cPanel vulnerabilities could allow file access and remote code execution

cPanel fixed three flaws that could allow file reads, code execution, and privilege escalation. No active exploitation has been reported yet.

T1190 T1548

Security Affairs →

Qualys Blog CVE Linux May 9

Dirty Frag: Using the Page Caches as an Attack Surface

Dirty Frag is a Linux local privilege escalation (LPE) chain published on May 7, 2026. It combines two previously unknown kernel vulnerabilities can allow an...

T1548 T1068 2 IOCs

Qualys Blog →

The Hacker News CVE May 9

cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now

cPanel has released updates to address three vulnerabilities in cPanel and Web Host Manager (WHM) that could be exploited to achieve privilege escalation, co...

T1548 1 IOC

The Hacker News →

Elastic Security Labs Vulnerability Disclosure Linux May 9

Copy Fail and DirtyFrag: Linux Page Cache Bugs in the Wild

This research analyzes the Linux kernel privilege escalation vulnerabilities Copy Fail and DirtyFrag, which exploit subtle page cache corruption bugs to crea...

T1548

Elastic Security Labs →

SC Media Zero-Day Linux May 8

'Dirty Frag' Linux zero-day exposes most distributions to LPE

Dirty Frag Linux zero-day exposes most distributions to root privilege escalation.

T1548

SC Media →

Microsoft Security Blog Vulnerability Disclosure Microsoft Linux Docker May 8

Active attack: Dirty Frag Linux vulnerability expands post-compromise risk

Dirty Frag is a newly disclosed Linux local privilege escalation vulnerability affecting kernel networking and memory-fragment handling components including ...

T1190 T1548 T1068

Microsoft Security Blog →

Tenable Blog CVE Linux May 8

Dirty Frag (CVE-2026-43284, CVE-2026-43500): Frequently asked questions about this Linux kernel privilege escalation vulnerability chain

Weeks after the Copy Fail vulnerability was revealed, a new Linux kernel escalation vulnerability has been uncovered. Dubbed “Dirty Frag,” this flaw could al...

T1548 T1068 2 IOCs

Tenable Blog →

Help Net Security CVE Amazon Linux May 8

Dirty Frag: Unpatched Linux vulnerability delivers root access

A week after Copy Fail, another Linux local privilege escalation vulnerability dubbed “Dirty Frag” has been revealed, along with a PoC exploit. What is Dirty...

T1548 T1068 2 IOCs

Help Net Security →

Security Affairs Vulnerability Disclosure Red Hat Linux May 8

Dirty Frag: A new Linux privilege escalation vulnerability is already in the wild

Dirty Frag: unpatched Linux kernel flaw grants root access on Ubuntu, RHEL and Fedora. A working exploit is already public.

T1548

Security Affairs →

SANS ISC CVE Linux May 8

Another Universal Linux Local Privilege Escalation (LPE) Vulnerability: Dirty Frag, (Fri, May 8th)

Less than two weeks after the public disclosure of the Copy Fail vulnerability (CVE-2026-31431), another local privilege escalation (LPE) vulnerability in th...

T1548 T1068 1 IOC

SANS ISC →

GBHackers Vulnerability Disclosure Linux May 8

PoC Exploit Released for Dirty Frag Linux Kernel Vulnerability

A proof-of-concept exploit for a new Linux kernel vulnerability class dubbed “Dirty Frag”. This universal local privilege escalation vulnerability allows att...

T1548 T1068 T1598

GBHackers →

The Hacker News CVE Linux May 8

Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions

Details have emerged about a new, unpatched local privilege escalation (LPE) vulnerability impacting the Linux kernel. Dubbed Dirty Frag, it has been describ...

T1548 T1068 1 IOC

The Hacker News →

Cloudflare Blog Vulnerability Disclosure Cloudflare Linux May 7

How Cloudflare responded to the “Copy Fail” Linux vulnerability

When a critical Linux kernel privilege escalation was publicly disclosed, Cloudflare's security and engineering teams detected, investigated, and mitigated t...

T1548

Cloudflare Blog →

HackRead Vulnerability Disclosure Google GitHub May 6

Google Fixes CVSS 10 Gemini CLI Vulnerability Enabling GitHub Issue-Based RCE

Google patches a CVSS 10 Gemini CLI vulnerability that allowed hackers to use prompt injection and privilege escalation for a full supply chain compromise.

T1548 T1195

HackRead →

Information Security Buzz CVE Linux May 5

Copy Fail lands in CISA KEV as actively exploited Linux flaw threatens widespread privilege escalation

The Cybersecurity and Infrastructure Security Agency (CISA) has added another Linux kernel vulnerability, CVE-2026-31431, also known as Copy Fail, to the Kno...

T1548 1 IOC

Information Security Buzz →

Exploit Database Vulnerability Disclosure Linux May 4