{"id":237521,"date":"2026-05-21T02:15:43","date_gmt":"2026-05-21T07:15:43","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2026\/05\/exploit-released-for-new-pintheft-arch-linux-root-escalation-flaw"},"modified":"2026-05-21T02:15:43","modified_gmt":"2026-05-21T07:15:43","slug":"exploit-released-for-new-pintheft-arch-linux-root-escalation-flaw","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2026\/05\/exploit-released-for-new-pintheft-arch-linux-root-escalation-flaw","title":{"rendered":"Exploit released for new PinTheft Arch Linux root escalation flaw"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/exploit-released-for-new-pintheft-arch-linux-root-escalation-flaw.jpg\"><\/a><\/p>\n<p>A recently patched Linux privilege escalation vulnerability now has a publicly available proof-of-concept (PoC) exploit that allows local attackers to gain root privileges on Arch Linux systems.<\/p>\n<p>The vulnerability, named PinTheft by the V12 security team and still waiting to be assigned a CVE ID for easier tracking, exists in the Linux kernel\u2019s RDS (Reliable Datagram Sockets) and <a href=\"https:\/\/lore.kernel.org\/netdev\/20260505234336.2132721-1-achender@kernel.org\/\" target=\"_blank\" rel=\"nofollow noopener\">was patched earlier this month<\/a>.<\/p>\n<p>\u201cPinTheft is a Linux local privilege escalation exploit for an RDS zerocopy double-free that can be turned into a page-cache overwrite through io_uring fixed buffers,\u201d <a href=\"https:\/\/github.com\/v12-security\/pocs\/tree\/09e835b587bf71249775654061ae4c79e92cf430\/pintheft\" target=\"_blank\" rel=\"nofollow noopener\">V12 said<\/a> in a Tuesday advisory.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A recently patched Linux privilege escalation vulnerability now has a publicly available proof-of-concept (PoC) exploit that allows local attackers to gain root privileges on Arch Linux systems. The vulnerability, named PinTheft by the V12 security team and still waiting to be assigned a CVE ID for easier tracking, exists in the Linux kernel\u2019s RDS (Reliable [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1523,1492],"tags":[],"class_list":["post-237521","post","type-post","status-publish","format-standard","hentry","category-computing","category-security"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/237521","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=237521"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/237521\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=237521"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=237521"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=237521"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}