Google has addressed a privilege escalation vulnerability in Cloud Composer 2, which could have allowed attackers with edit permissions to exploit the default Cloud Build service account. The fix, implemented in December 2024, ensures that environments use their service accounts for package installations, thereby enhancing security. No evidence of exploitation has been reported.

The article discusses the exploitation of CVE-2025-37947 in ksmbd, focusing on the challenges and methodologies used to achieve local privilege escalation. It details the vulnerability's root cause, the proof of concept implementation, and the kernel memory allocation intricacies that enable the exploit. The author emphasizes the importance of understanding memory management for effective exploitation.