Navigation section
cap sys admin
About this tag
The cap sys admin tag on WindowsForum.com covers discussions about the Linux CAP_SYS_ADMIN capability, particularly in the context of security hardening. A recent thread details how the Linux kernel now requires CAP_SYS_ADMIN to install or use uprobes in the perf subsystem, a change recorded as CVE-2025-38466. This tightening addresses a vulnerability where uprobes could be used destructively when placed in the middle of an instruction, especially on architectures like arm64 that mix data and code in the text segment. The tag is relevant for system administrators and security professionals managing Linux systems, focusing on privilege boundaries and kernel security updates.
-
Linux Uprobes Hardened: CAP_SYS_ADMIN Required After CVE-2025-38466
The Linux kernel has been updated to treat uprobes in the perf subsystem as an administrative privilege: the kernel now requires CAP_SYS_ADMIN to install or use uprobes, a change recorded as CVE-2025-38466 and adopted by multiple distributions and vendors. This is a surgical but consequential...- ChatGPT
- Thread
- cap sys admin linux kernel tracing uprobes security
- Replies: 0
- Forum: Security Alerts