ABCs of CVEs | SUDO Show 76 – Open World News

Video by Sudo Show via YouTube

SUDO Show 76, “ABCs of CVEs,” breaks down how modern Linux vulnerabilities go from scary headlines to real-world fixes. Bill, Neal, and Brandon start with conferences and Neal’s new Framework 13 Pro running Fedora, then dive into AI‑assisted security research and what tools like Claude and others are actually doing in the CVE pipeline. Neal walks through recent high‑profile issues like Pack2TheRoot in PackageKit, the copy.fail kernel optimization bug, and the Dirty Frag vulnerability, explaining how disclosure, embargoes, and coordination really work from a distro maintainer’s perspective. Brandon then focuses on CVE patching best practices, testing and release strategies, tools like Foreman and Uyuni for managing updates, and how to interpret CVSS scores and risk without panicking, before the crew wraps with advice for new grads who want to get into security without setting their hair—or their clusters—on fire.

Show Links:
Foreman – https://theforeman.org/
Uyuni – https://www.uyuni-project.org/
Pack2TheRoot – Linux local privilege escalation write‑up
https://github.security.telekom.com/2026/04/pack2theroot-linux-local-privilege-escalation.html
copy.fail – kernel copy‑on‑write vulnerability
https://copy.fail/
Dirty Frag – universal Linux LPE PoC
https://github.com/V4bel/dirtyfrag#dirty-frag-universal-linux-lpe

Chapters:
00:00 Intro – ABCs of CVEs
00:35 Conferences and the Framework 13 Pro
04:14 What Has Brandon Been Up To?
05:43 AI and CVEs – Claude and Friends
06:53 Pack2TheRoot – PackageKit and Fedora Workstation
08:52 copy.fail – Kernel Optimization Gone Wrong
14:15 Dirty Frag – Embargo, Break, and Rapid Response
14:52 How CVEs Are Reported and Coordinated
17:02 Brandon’s CVE Patching Best Practices
19:51 Testing and Releasing Patches Safely
20:32 Communications, CVSS Scores, and Risk
24:22 Tools – Foreman, Uyuni, and CVE Lists
26:02 Tools to Figure Out Which CVEs Matter
27:38 Yes, I Use AI Every Day
29:56 Counterpoint on AI
35:11 Quantifying and Prioritizing Risk
44:30 Does Immutability Save You?
49:07 Zero CVE – Is It Possible?

Connect with the Hosts:
Bill – @ctlinux on Mastodon
Neal – @neal@social.gompa.me on Mastodon
Noel – https://github.com/noelmiller

Source

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Related Posts: