Safeguard
Tag

linux-security

Safeguard articles tagged "linux-security" — guides, analysis, and best practices for software supply chain and application security.

12 articles

Container Security

CTF Writeup: Container SETUID Escape Techniques

A container-local root shell is not the flag. CVE-2019-5736 and CVE-2021-4034 both show how a SETUID binary inside a container can become a host compromise.

Jul 8, 20266 min read
Vulnerability Management

The CUPS RCE Chain: A Technical Breakdown of CVE-2024-47176

Four medium-severity CUPS bugs chained into unauthenticated RCE on UDP/631 — a masterclass in why CVSS scores per-CVE miss the real risk of a vulnerability chain.

Jul 8, 20266 min read
Vulnerability Analysis

regreSSHion OpenSSH RCE vulnerability CVE-2024-6387

CVE-2024-6387 "regreSSHion" is a signal handler race condition in OpenSSH's sshd enabling unauthenticated root RCE on glibc-based Linux systems.

May 5, 20268 min read
Vulnerability Analysis

What is Privilege Escalation

Privilege escalation turns a minor foothold into a full breach. Learn the techniques, real-world examples, and how to detect and stop it.

Mar 28, 20266 min read
Vulnerability Analysis

The XZ Utils Backdoor Explained

A trusted maintainer, years of quiet social engineering, and one hidden SSH backdoor: how CVE-2024-3094 nearly compromised the global Linux supply chain.

Feb 11, 20268 min read
Vulnerability Analysis

Shellshock Bash environment variable RCE (CVE-2014-6271)

A 2014 parsing flaw in Bash's function-export handling let attackers run arbitrary commands via environment variables — and it's still exploited today.

Jan 15, 20268 min read
Vulnerability Analysis

sudo -e/sudoedit privilege escalation bypass (CVE-2019-14287)

CVE-2019-14287 let sudo users bypass "run as any user except root" rules via `sudo -u#-1`, gaining full root. Here's how it worked and how to fix it.

Jan 7, 20268 min read
Vulnerability Analysis

Privilege escalation vulnerabilities explained

Privilege escalation vulnerabilities turn a low-privilege foothold into root or admin access. Learn how they work, key CVEs, and how to detect them.

Dec 9, 20256 min read
Vulnerability Analysis

The XZ Utils Backdoor: A Timeline and Technical Post-Mortem

A technical post-mortem of CVE-2024-3094, the XZ Utils backdoor: how a trusted maintainer identity was used to plant a supply chain backdoor in sshd.

Jul 13, 20258 min read
Vulnerability Analysis

CUPS Vulnerability Chain: Remote Code Execution via Linux Printing

A chain of vulnerabilities in the CUPS printing system allows unauthenticated attackers to achieve remote code execution on Linux systems by exploiting how printers are discovered and configured.

Sep 26, 20247 min read
Supply Chain Security

Snap Store and Flatpak Security Models Compared

Universal Linux packaging formats promise sandboxed applications. Their security models differ significantly, and neither delivers the isolation most users assume.

Nov 12, 20236 min read
Runtime Security

eBPF for Security Monitoring: What It Can and Cannot Do

eBPF is being called the future of security observability. It is genuinely powerful, but it is not a magic bullet for runtime security.

Aug 12, 20225 min read
linux-security — Safeguard Blog