Olivia
Online
Openwall
@Openwall
Infosec focused free software, research, publications, community activities @oss_security. Tweets are announcements. Please direct questions to @solardiz.
Joined June 2010
14 Following
7.2K Followers
388 Posts
Linux kernel: Logic bug in __ptrace_may_access() https://t.co/9oOGkDIhTx
Discovered by @Qualys, publicly fixed in mainline, then reported to distros, spotted and exploited by others same day, distros scramble to fix their kernels as it became usual lately.
https://t.co/5gSjutUyNx
CVE-2026-46300 aka Fragnesia: Linux kernel: Page cache corruption via a logic bug in the Linux XFRM ESP-in-TCP subsystem https://t.co/XsFZD7dTho
https://t.co/BSCdnpyYnk
Dirty Frag: Universal Linux LPE https://t.co/CEVKNcM4zK
allows obtaining root privileges on all major distributions. This vulnerability has a similar impact to the previous Copy Fail. Because the embargo has now been broken, no patches or CVEs exist for these vulnerabilities.
CVE-2026-31431 aka Copy Fail: Linux kernel: algif_aead page cache corruption https://t.co/oNCw9FYGJL
logic bug in authencesn, chained through AF_ALG and splice() into a 4-byte page-cache write
Python script roots every Linux distribution shipped since 2017
https://t.co/5pztc379nK
Who to follow
quarkslab
@quarkslab
Securing every bit of your data
https://t.co/hqdd8jMkYM
https://t.co/GOXPtukIXE
lcamtuf
@lcamtuf
Substack: https://t.co/yFvmNisGW3
Homepage: https://t.co/iFAXZxCO5H
Seongsu Park 
@unpacker
Hustlin’ in Cyber Threat Intelligence | Tweets are my own | Keybase: @seongsupark | Mastodon: @[email protected]
April 2026 was the busiest month for oss-security in 11 years. 311 messages posted. We surpassed the XZ backdoor spike of March-April 2024. We last had 300+ in April 2015 when we still had CVE assignment via the list. Now we're back without that incentive. https://t.co/HNWsHvNflr
Linux Kernel Runtime Guard @lkrg_org 1.0.1 by @Adam_pi3 @solardiz @kerneltoast et al. is out, adds support for Linux 6.19 and 7.0, contains hardening changes and bug fixes https://t.co/oqOq6sSn83
passwdqc 2.1.0 is out, adding built-in common passwords list. We effectively include top 100k of HIBPv8 overlap with RockYou, optimized and compressed to under 200 KB embedded in program binary. None of JtR password.lst 1.8 million are accepted by default. https://t.co/MXM9XlP0ab
passwdqc 2.0.3 releases for Unix-like and Windows systems are out, with many minor additions and changes. Leaked password filter files updated to HIBP v8, encoding the 847+ million unique passwords (from billions of accounts) in a 3.5 GB file. https://t.co/8VnNKqUFes
Sponsor spotlight: @Openwall
The people behind John the Ripper and decades of open-source security work. If anyone understands community-driven security, it's them.
Thank you for backing #BSidesLjubljana.
#InfoSec #Cybersecurity #Openwall
At #NullconBerlin2025, @solardiz unpacked how Linux Kernel Runtime Guard (LKRG) 1.0 brings real-time integrity checking & exploit detection to the Linux kernel, even across different versions & edge-case environments.
Watch Now: https://t.co/VPX5t7FbcF
#LKRG #LinuxSecurity
What should @Openwall's simpler vulnerability scoring system (CVSS alternative) be called? Note that we already have OVE https://t.co/ZcLav61N41 as a CVE alternative, but unfortunately the OVSS acronym already has a bit of use in CS/AI for "open-vocabulary semantic segmentation".
Hash Suite 4.0 (Windows) adds support for custom Python scripts as key-provider, updated wordlists to download, better high-resolution support, and should have fewer antivirus false positives. https://t.co/eusSd0zmSL
We've just published the slides of @solardiz's @Nullcon Berlin 2025 talk "Linux Kernel Runtime Guard (LKRG) 1.0" https://t.co/gIj8vDjs1A #LKRG #nullconBerlin2025 #nullcon
Strengthening Linux Security With Kernel Runtime Guard 🎯
#Linux security remains a pressing concern as vulnerabilities continue to expose critical systems.
@solardiz, founder of @Openwall, and senior principal security engineer at CIQ, said Linux Kernel Runtime Guard's, or LKRG, 1.0 release brought major improvements in testing and code cleanup.
Watch his full interview with @aseemjakhar: https://t.co/akSn411FVL
#ISMGNews #ISMGStudio #cybersecurity #NullconBerlin2025 @nullcon
Linux Kernel Runtime Guard @lkrg_org 1.0.0 by @Adam_pi3 @solardiz @kerneltoast et al. is out, adds support for Linux 6.13+ (tested to 6.17-rc4), forward-edge CFI (Intel CET IBT, KCFI), ..., reduces performance overhead, shrinks the codebase by ~2500 lines. https://t.co/uUdUDIaNEe
Heading to Nullcon Berlin 2025? @solardiz will share his LKRG expertise by taking an in-depth look at kernel hardening challenges and what it takes to protect systems in the real world.
https://t.co/QSiQzQyrK6
#NullconBerlin2025 #LinuxSecurity #RLC_H
At #NullconBerlin2025, @solardiz will walk us through the journey from LKRG’s edgy debut to its 1.0 release – complete with real-world attacks, trade-offs, nasty bugs, & some honest truths about kernel hardening.
Know More: https://t.co/zApTl1QVhx
#LKRG #LinuxSecurity
End of an era: our CVSweb service turned 21 today, and was promptly retired. Our anoncvs was similarly shut down at the age of 21 two years ago, quietly.
All of our projects previously maintained in CVS are now in Git (yes, older ones with commit histories for ~20 years) and under the Openwall organization on GitHub. There are a total of 22 Git repositories now. https://t.co/wlAWzBrE2G https://t.co/Pcqoms525i
🔒 Enhancing LKRG: A Step Toward Stronger Security. CIQ's own Sultan Alsawaf recently contributed impactful updates to the LKRG project, fixing longstanding bugs & making it stronger & more stable than ever.
Learn more here 🔗 https://t.co/ETx9FUlVLM
#HPC #IT #LKRG #OpenSource #Linux
Last Seen Users on Sotwe
Çılgın Kızlar
Seen from Turkey
dirty relationship
Seen from Egypt
ชื่อนี้คิดตั้งนาน
Seen from Thailand
Mr. Mister
Seen from Belgium
คู่แท้ชลบุรี ช.33/ญ.27
Seen from Indonesia
Peidorreiros Brasil
Seen from France
𝖦𝗈𝖽𝖽𝖾𝗌𝗌 𝖥𝖺𝖻𝗂𝗈𝗅𝖺 ⚡
Seen from Turkey
مخنث
Seen from Saudi Arabia
عراقي
Seen from Netherlands
ABAZA ERKEKLER 💥💤
Seen from Turkey
Most Popular Users
Elon Musk
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.7M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.2M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.5M followers
KATY PERRY
@katyperry
86.7M followers
Taylor Swift
@taylorswift13
80.5M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.3M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.4M followers
Bill Gates
@billgates
63.3M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
60.9M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers