grsecurity @grsecurity
Foundational security for the Linux kernel. Solving the most difficult memory unsafety problems. Created by @opensrcsec grsecurity.net Joined June 2012-
Tweets4K
-
Followers9K
-
Following1
-
Likes58
It's now available!
We expect our 7.0 beta to be available for testing within the next two weeks.
We expect our 7.0 beta to be available for testing within the next two weeks.
Correcting the above: in terms of LTS kernels it's 5.10+, but the 2020 commit came in Linux 5.6 (so would affect for instance some Ubuntu 20.04 kernels as well on 5.8)
Exploits are now appearing targeting pidfd, which is forced into all Linux kernels since 5.10 (2020), no module or initcall to blacklist this time, must patch ASAP!
We've just sent a detailed mail to all customers notifying them of this issue, with split-out fixes available for 5.15, 6.6, and 6.18. We'll share more information on our Knowledge Base as it becomes available.
@thingwhere Yes, it now has CVE-2026-46333 : lore.kernel.org/linux-cve-anno…
We've just published a Knowledge Base article with more information about the vulnerability, current published/unpublished exploits, and current mitigations. We still recommend patching ASAP.
Exploits are now appearing targeting pidfd, which is forced into all Linux kernels since 5.10 (2020), no module or initcall to blacklist this time, must patch ASAP!
We don't recommend the '3' setting (which rejects all attach-like ptrace_may_access() requests, regardless of privilege level) as once set, it is locked to that value until reboot.
As mentioned at openwall.com/lists/oss-secu… , distro users can echo 2 > /proc/sys/kernel/yama/ptrace_scope to mitigate. Keep in mind this will break some normal usage, like preventing unprivileged use of strace, gdb, etc entirely.
@thingwhere There hasn't been one published and no sign in the Linux CNA's vulns.git of one having been allocated yet still, as of now.
We've just sent a detailed mail to all customers notifying them of this issue, with split-out fixes available for 5.15, 6.6, and 6.18. We'll share more information on our Knowledge Base as it becomes available.
We've uploaded new patches for 5.15, 6.6, and 6.18 to address an obfuscated upstream Linux logic vulnerability that should exist in all kernel versions: git.kernel.org/pub/scm/linux/…
The commit message makes no mention of it, but we believe the goal of exploiting the vulnerability would be to target a suid root binary that drops its privileges while retaining privileged access to a file on exit that via the vuln an unprivileged user could gain access to.
We've uploaded new patches for 5.15, 6.6, and 6.18 to address an obfuscated upstream Linux logic vulnerability that should exist in all kernel versions: git.kernel.org/pub/scm/linux/…
We've published a detailed KB article for customers on the two vulnerabilities involved in Dirty Frag and the associated public exploits, feel free to reach out with any questions.
The upstream rxrpc vulnerability affects >= 6.5. The second vuln reusing the same "Dirty Frag" naming requires unprivileged userns to exploit as an unprivileged user, disabled in grsecurity since it first existed.
Fixes for Dirty Frag (seclists.org/oss-sec/2026/q…) were already included in our current 6.6 and 6.18 patches from May 4th. No distro builds in CONFIG_AF_RXRPC, so MODHARDEN should be generally effective against unprivileged exploitation.
The KB article with links to the combined/split-out patches for 5.15 and 6.6 (adapted to grsecurity) are now available.
Patches are now available, KB article next with links to the combined/split-out patches
Patches are now available, KB article next with links to the combined/split-out patches
We'll have updated 5.15 and 6.6 patches available shortly (despite 5.15 being EOL) along with split-out patches available for both 5.15 and 6.6 for those on older kernels who need CONFIG_CRYPTO_USER_API_AEAD enabled (which shouldn't be anyone)
We'll have updated 5.15 and 6.6 patches available shortly (despite 5.15 being EOL) along with split-out patches available for both 5.15 and 6.6 for those on older kernels who need CONFIG_CRYPTO_USER_API_AEAD enabled (which shouldn't be anyone)
For RHEL/RHEL-derived configurations, this approach will work (the function name has been stable since 2015 and initcall_blacklist has been supported since 2014): news.ycombinator.com/item?id=479565…
Don't rely on mitigation suggestions from others floating around: non-readable suid binaries only does something for this specific exploit, it's exploitable in other ways that don't involve suid binaries at all.
Brendan Dolan-Gavitt @moyix
33K Followers 6K Following Building offsec agents: https://t.co/G9EtnC2Gl3 PGP https://t.co/3WXr0RfRkv
Halvar Flake @halvarflake
45K Followers 3K Following Choose disfavour where obedience does not bring honour. I do math. And was once asked by R. Morris Sr. : "For whom?" @[email protected]
0xor0ne @0xor0ne
91K Followers 508 Following Cybersecurity | Reverse Engineering | Vulnerability Research | Embedded & Silicon Security | My Tweets, My Opinions :)
Brad Spengler @spendergrsec
7K Followers 4 Following President of @opensrcsec, developer of @grsecurity Personal account
Richard Johnson @richinseattle
19K Followers 3K Following Computer Security, Reverse Engineering, and Fuzzing; Training & Publications @ https://t.co/mloVP6rPB7; hacking the planet since 1995; Undercurrents BOFH
thaddeus e. grugq @thegrugq
128K Followers 420 Following Hacker :: PhD researcher @warstudies @KingsCollegeLon :: [email protected] :: PGP https://t.co/dYipV8y3bo
kylebot @ky1ebot
6K Followers 334 Following @OpenAI | CTF player @Shellphish | PhD @ASU | @angrdothorse dev | Author of how2heap, angrop | Vulnerability Research Hobbyist
Andrey Konovalov @andreyknvl
7K Followers 862 Following Security engineer at https://t.co/027VXUlgOx. Focusing on the Linux kernel. Maintaining @linkersec. Trainings at https://t.co/D5MrxmYimS.
Rodrigo Branco @bsdaemon
13K Followers 4K Following Chief Architect, Security Research of BigTech Advisor of Grsecurity. BYOS Commitee Member of OffensiveCon, Langsec, DistrictCon, Secdev
Will Dormann is on Ma... @wdormann
27K Followers 1K Following I play with vulnerabilities and exploits. I used to be here on Twitter but now I'm here: @[email protected] https://t.co/hXggdAVkSQ
Dmitry Vyukov @dvyukov
9K Followers 387 Following I tweet about fuzzing, bugs, sanitizers, security, hardening, kernels, syzkaller, Go, performance, concurrency, lock-free algorithms.
Marcel Böhme👨�... @mboehme_
7K Followers 1K Following Software Security Group @maxplanckpress PhD @NUSComputing, Singapore Research Group: https://t.co/BRnFNNh6d9
Alex Ionescu @aionescu
47K Followers 2K Following Chief Technical Innovation Officer @crowdstrike. Windows Internals author and trainer. He/Him. RTs are not endorsements, opinions are my own.
Mike Felch (Stay Read... @ustayready
17K Followers 2K Following Offensive @ TrustedSec | Hacking since Renegade BBS backdoors | Prior CrowdStrike/BHIS | In Christ's grip | Fighter for truth | K1HAQ
chrisrohlf @chrisrohlf
12K Followers 927 Following Waging algorithmic warfare since 2003. Engineer, Researcher. MTS @ Anthropic, Non-Resident Research Fellow @CSETGeorgetown CyberAI
Alex Matrosov @matrosov
20K Followers 2K Following Security REsearch @Anthropicai · Breaking & Fixing AI Failure Modes | Founder @binarly_io · @SBOM_Tools · @REhints | Author “Rootkits & Bootkits" (https://t.co/1wd2dfYHY6)
Jon Masters 🏴�... @jonmasters
16K Followers 7K Following Troublemaker | Computer Architect | @Arm Servers Architect @Google | Previously @RedHat, @Nuvia_Inc | Runner | Author | All views my own | #ArmServers
Ulysse @ulysse4sec
0 Followers 162 Following
pele cop @cop_pele
2 Followers 242 Following
june @x86pup
28 Followers 258 Following ketamine puppy, security researcher, rust dev it/she/puppy 🏳️⚧️ 🦴 https://t.co/RrPNbrSKtF
nothing is everything @IsEv3ryth1ng
1 Followers 402 Following
Dongli @justicezhang
10 Followers 594 Following
ahmetx @userentry
258 Followers 27 Following https://t.co/u3UWKnd1Yn / https://t.co/FFa1YxjwQU (https://t.co/KvFZ5G64z4) (tor proxy:: https://t.co/VNfF97xyHH) https://t.co/nZQzP1QQ0U https://t.co/krkBSLnjcu
rotten @vowrotten
0 Followers 58 Following
sai @literally_sai
10 Followers 114 Following
thingwhere @thingwhere
5 Followers 23 Following Prefer meaningful debate, facts matter - will block for throwing childish insults around.
Cameron Rees @_cam_rees
122 Followers 436 Following
Alessandro Gambin da ... @z3rocall
266 Followers 3K Following Noah's dad 😻 Nature lover 🌷 Software engineer 👨🏻💻 Pilot 👨🏻✈️ In a timeless discovery journey called life 🏞️
LJ_asnhuman35 @anshum__s
2 Followers 18 Following
Rafael Aquini @raaquini
79 Followers 331 Following Senior Software Engineer at Red Hat, Inc. (@RedHatNews) -- Just another one among others!
daisy @daisyydaisy_
26 Followers 288 Following CTF player / pwn @fibonhack | Comp Eng undergrad @ University of Pisa
HappyQQ_AI @HappyQQ_AI
19K Followers 8K Following 为 AI 飞速发展助力,打造 AI 相关的好用的软件平台。 公众号:移动互联网 | 微信号:HappyQQ_AI。 AI开发交流Discord社区:https://t.co/yNQuB0qZRC
pts @ptszwyb
2 Followers 287 Following
( ( ( ≺⦿≻ ) ) ) @SQLERAPHAEMIIAH
2 Followers 41 Following
aaaq1 @aaaq1564904
0 Followers 675 Following
gk98 @98erKAG
44 Followers 2K Following
Jaiden @Jaiden02858593
0 Followers 282 Following
African man @gamenigg
422 Followers 4K Following
chen cheng @chencheng265403
1 Followers 123 Following
Elo Ukwandu @Elo24th
1K Followers 5K Following Christian | Husband | Dad | PhD in Applied Cryptography | FHEA | SMIEEE | UK Moonshot Creator in Transformative Technologies | End-User Authentication Systems.
securitywithlemon @__past3l
10 Followers 63 Following I’m researching defence bypass techniques in windows/linux siem edr xdr | ebpf magician
ad0nis @ad0nis110245
0 Followers 37 Following
aa @ueel_api
1 Followers 14 Following
mathematicat @0xm0t0k0
8 Followers 316 Following security researcher, fine arts major, somehow bridging them both
Cody Colclough @CodyColclough
91 Followers 168 Following cold brew & cold brews. social town sim w/ posts as dialogue https://t.co/vdUiIgGUAi
curiouspocket @curiouspocket
0 Followers 472 Following
dvknh dfjnik @DvknhD84677
6 Followers 128 Following
mcn @mcn292098683671
0 Followers 48 Following
Birk Richter @BirkRichte81605
0 Followers 11 Following
Noah @noahisbuilding
20 Followers 56 Following building a social platform for research papers https://t.co/e4OvT6Hmqr
TornadoThunder @TornadoThunder4
13 Followers 642 Following
Fatemeh Nouri @Shahrbanouri
31 Followers 195 Following ما نظارهگران شهر تاریکیم، در انتظار بلعیده شدن در هنگامهی جستجوی روشنایی 🌻
Arusekk @arusekk_pl
2 Followers 45 Following
Vaibhav Sahoo @Vibehaisahoo
5 Followers 27 Following
Dr Ravi Nayyar @ravirockks
1K Followers 5K Following SSC x CNI x Regulation | Lead Policy Analyst @ AUSCL | Fellow @ASPI_org and @ Social Cyber Institute | Blog @TechLegalUpdate | #KalikaMataKiJai
Y M @yoshite02
20 Followers 25 Following
AndrewMohawk⁽ⁿᵘ... @AndrewMohawk
5K Followers 3K Following Sec/Madness @privy_io principal security , @_seal_org technical council prev: HoS @uniswap, D&R/IR @RobinhoodApp, IR @BitMEX, Built @Paterva Maltego with RT
urlin @urlin
27 Followers 253 Following
Open Source Security ... @opensrcsec
2K Followers 0 Following Open Source Security Inc. Creators of @grsecurity®Trends for United States
You might like
