Settings

Theme

Copy Fail: 732 Bytes to Root on Every Major Linux Distribution

xint.io

25 points by eyalitki 2 months ago · 3 comments

Reader

eyalitkiOP 2 months ago

Dup of: https://news.ycombinator.com/item?id=47952181

eyalitkiOP 2 months ago

The presented LPE vulnerability was gradually introduced to the Linux Kernel through refactors and optimizations, each commit making sense on its own. The vulnerability itself was exploitable since 2017 (!) and also doubles as a container escape.

immanuwell 2 months ago

the real kicker is the page cache trick making it invisible to disk-based integrity checks, which means your auditd and tripwire setups are worth exactly nothing here

Keyboard Shortcuts

j
Next item
k
Previous item
o / Enter
Open selected item
?
Show this help
Esc
Close modal / clear selection