Skip to content

CVE 2026 46331#4153

Open
RavenTait wants to merge 8 commits into
developfrom
cve-2026-46331
Open

CVE 2026 46331#4153
RavenTait wants to merge 8 commits into
developfrom
cve-2026-46331

Conversation

@RavenTait

Copy link
Copy Markdown
Contributor

Details

Three new detections based around CVE-2026-46331

  • Linux Apparmor Bypass Via Aaexec
  • Linux Auditd Possible Setuid Execve Privesc
  • Linux Pedit Offset Out Of Bounds

@nasbench nasbench added this to the V6.3.0 milestone Jul 8, 2026

@nasbench nasbench left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

overall LGTM. Just some small comments/requests

Comment thread detections/endpoint/linux_auditd_possible_setuid_execve_privesc.yml Outdated
Comment thread detections/endpoint/linux_auditd_possible_setuid_execve_privesc.yml
Comment thread detections/endpoint/linux_apparmor_bypass_via_aaexec.yml Outdated

@nasbench nasbench left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants