Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Linux kernel RDS PinTheft local privilege escalation flaw (public PoC)

Vulnerability
First reported
Last updated
Happening score
H score 15
1 unique sources, 1 articles

Summary

Hide ▲

PinTheft now has a public PoC exploit, turning a recently patched Linux kernel RDS flaw into a practical local privilege escalation risk for Arch Linux systems. V12 says the bug can let local attackers reach root privileges by abusing an RDS zerocopy double-free. The exploit works only under specific conditions, including loaded RDS support and enabled io_uring, but it still materially raises exposure on systems that meet those prerequisites. Administrators should install the latest kernel updates or temporarily block the module to reduce abuse.

Related Happenings

Linux kernel improper privilege management flaw (CVE-2026-46333)

Vulnerability
First: 21.05.2026 10:35 Last: 21.05.2026 10:35 Sources 1

About this happening: A **Linux kernel** privilege-management flaw, **CVE-2026-46333**, can let **unprivileged local users** on **Debian, Fedora, and Ubuntu** disclose **/etc/shadow** and **SSH host ke...

Open Happening

Linux kernel rxgk local DirtyDecrypt/DirtyCBC privilege-escalation flaw (CVE-2026-31635)

Vulnerability
First: 18.05.2026 10:18 Last: 18.05.2026 10:18 Sources 1

About this happening: A **proof-of-concept exploit** has been released for **DirtyDecrypt/DirtyCBC** (**CVE-2026-31635**), a **recently patched Linux kernel** flaw in **rxgk_decrypt_skb()** that can en...

Open Happening

Windows cldflt.sys privilege escalation (CVE-2020-17103)

Vulnerability
First: 18.05.2026 01:30 Last: 18.05.2026 01:30 Sources 1

About this happening: A public **MiniPlasma** proof-of-concept has renewed concern around the **Windows cldflt.sys Cloud Filter driver** because it can elevate a **standard user** to **SYSTEM** on **fu...

Open Happening

Linux kernel XFRM ESP-in-TCP local privilege escalation (CVE-2026-46300)

Vulnerability
First: 14.05.2026 10:06 Last: 14.05.2026 10:06 Sources 1

About this happening: **Fragnesia** adds a fresh **Linux kernel** local privilege-escalation path, putting **unprivileged local attackers** on a route to **root access** across major distributions. The...

Latest development: 14.05.2026 16:00

Cloud security firm Wiz identified Fragnesia (CVE-2026-46300) in the Dirty Frag family, a Linux local privilege escalation that lets unprivileged local users gain root by corrupting the kernel page cache of read-only files. William Bowling of Zellic and the V12 team were credited with the discovery, and a working proof-of-concept exploit was published on May 13, 2026.

Open Happening

Linux kernel Dirty Frag and Copy Fail 2 privilege escalation (multiple vulnerabilities)

Vulnerability
First: 11.05.2026 11:15 Last: 11.05.2026 11:15 Sources 1

About this happening: A newly disclosed **Linux kernel** local privilege-escalation flaw, **Dirty Frag and Copy Fail 2**, can let an unprivileged user reach **root** on affected systems. The bug chains...

Open Happening

Timeline

  1. 20.05.2026 13:52 2 articles · 7d ago

    Public PoC released for PinTheft on Arch Linux

    Initial Disclosure

    V12 disclosed a public PoC exploit for PinTheft, a Linux local privilege escalation flaw in the RDS kernel module that can let local attackers obtain root privileges on Arch Linux systems. The exploit depends on the RDS module being loaded, io_uring being enabled, a readable SUID-root binary, and x86_64 support, and administrators are advised to install the latest kernel updates or temporarily block rds and rds_tcp to reduce exposure.

    Show sources
    Open in new tab