76: ABCs of CVEs | SUDO Show 76

Sudo Show — Thu, 14 May 2026 05:00:00 -0600

SUDO Show 76, “ABCs of CVEs,” breaks down how modern Linux vulnerabilities go from scary headlines to real-world fixes. Bill, Neal, and Brandon start with conferences and Neal’s new Framework 13 Pro running Fedora, then dive into AI‑assisted security research and what tools like Claude and others are actually doing in the CVE pipeline. Neal walks through recent high‑profile issues like Pack2TheRoot in PackageKit, the copy.fail kernel optimization bug, and the Dirty Frag vulnerability, explaining how disclosure, embargoes, and coordination really work from a distro maintainer’s perspective. Brandon then focuses on CVE patching best practices, testing and release strategies, tools like Foreman and Uyuni for managing updates, and how to interpret CVSS scores and risk without panicking, before the crew wraps with advice for new grads who want to get into security without setting their hair—or their clusters—on fire.

Show Links:

Foreman – https://theforeman.org/
Uyuni – https://www.uyuni-project.org/
Pack2TheRoot – Linux local privilege escalation write‑up
- https://github.security.telekom.com/2026/04/pack2theroot-linux-local-privilege-escalation.html
copy.fail – kernel copy‑on‑write vulnerability
- https://copy.fail/
Dirty Frag – universal Linux LPE PoC
- https://github.com/V4bel/dirtyfrag#dirty-frag-universal-linux-lpe

Connect with the Hosts:
Bill - @ctlinux on Mastodon
Neal - @neal@social.gompa.me on Mastodon
Noel - https://github.com/noelmiller

74: The Great Cloud Breakup | SUDO Show 74

Sudo Show — Thu, 26 Feb 2026 05:00:00 -0700

Moving to the cloud was easy; getting out is the hard part. In SUDO Show 74, Bill, Neal, and Noel dig into “The Great Cloud Breakup” and why more teams are rethinking cloud‑first dogma as exit fees rise and data residency laws go live across the US, EU, UK, and beyond. They talk through how modern Linux, NVMe‑over‑Fabrics, and on‑prem hardware make repatriation realistic again, spotlight rclone and Nick Craig‑Wood for making data movement sane, and share hard‑won stories about ugly data transfers and hybrid architectures. The episode wraps with a tongue‑in‑cheek “repatriate AWS onto three Raspberry Pis” action item and a NetHogs quick fix you can run today to catch chatty services before egress fees blow up your budget.

Show Links:
Red Hat - https://www.redhat.com
rclone - https://rclone.org
rclone (commercial) - https://rclone.com
restic backup - https://restic.net
Oxide Computer Company - https://oxide.computer/
nethogs (NetHogs) - https://github.com/raboof/nethogs

Chapters:
00:00:00 Intro – The Great Cloud Breakup
00:02:11 Standup – Data Residency Laws and Exit Fees
00:06:36 Are We Ready to Repatriate? Linux and NVMe-over-Fabrics
00:15:37 Where Are the Future Jobs?
00:23:29 Supporter Spotlight – rclone and Nick Craig-Wood
00:30:17 Bill’s Nightmare Data Transfer Story
00:36:11 Main Topic – The Great Cloud Breakup
01:12:31 Action Item – Repatriate AWS onto MicroShift (on Three Pis)
01:14:12 Quick Fix – NetHogs to Catch Chatty Services
01:17:13 Looking Forward to the Next Episode
01:18:32 Outro – Where Business Meets Linux

Connect with the Hosts:
Bill - @ctlinux on Mastodon
Neal - @neal@social.gompa.me on Mastodon
Noel - https://github.com/noelmiller

Sudo Show - Episodes Tagged with “Linux Kernel”

76: ABCs of CVEs | SUDO Show 76

74: The Great Cloud Breakup | SUDO Show 74