Glibc Dynamic Loader Hit By A Nasty Local Privilege Escalation Vulnerability


  • #11
    Originally posted by aviallon View Post
    I wonder if this could be easily combined with a browser exploit to make a very nasty attack vector.
    Then look for a browser vulnerability which enables a remote attacker to make it execute arbitrary code (or arbitrary shell commands).



    • #12
      Originally posted by npwx View Post
      Looking at the code cited in the email, seriously, WTF? I'm not surprised they have security issues. Not a single helper function for string parsing and manipulation, everything open coded while loops, checking *x for \0 etc. That looks like code from 30 years ago, no wonder nobody spotted the bug in all that mess.
      If I had a nickel for every time I said that while reading code...


      Would be even funnier if somebody famous wrote the code... and not unheard of!



      • #13
        Originally posted by aviallon View Post
        Love the picture. I wonder what socket this is.

        I wonder if this could be easily combined with a browser exploit to make a very nasty attack vector.
        A browser exploit allowing code execution outside the sandbox is already apocalypse-level. No need to chain it with this one any more.



        • #14
          Switching euid to reuid, if different, on entering ld.so and back just before the main code would at least make the attacker work a bit harder.
          The setuid bit has probably caused more grief than any other Unix feature. I always had the feeling it was a backward step from Multics.
          Seeing more use of Linux capabilities which I guess can limit the damage.



          • #15
            Originally posted by rogerx View Post

            If I had a nickel for every time I said that while reading code...


            Would be even funnier if somebody famous wrote the code... and not unheard of!
            If I had a nickel for every time that you read some bad code and could have submitted a patch and you didn't!
            Last edited by cynic; 04 October 2023, 06:04 AM.



            • #16
              Seems to be fixed on Gentoo at least.



              • #17
                Originally posted by docontra View Post
                Good guy glibc, giving us all a reason to try out systemctl soft-reset
                You mean:
                Code:
                systemctl soft-reboot




                • #18
                  Originally posted by cynic View Post

                  If I had a nickel for every time that you read some bad code and could have submitted a patch and you didn't!
                  You'd likely be very very poor, as you obviously forgot calculating the time required for creating and submitting patches!

                  (Not to further mention, dealing with some of the anti-social hierarchy.)

                  And, thanks for further demeaning the time that I do spend submitting patches. Keep trying though, sooner or later I'm sure you'll make me look evil!



                  • #19
                    Originally posted by cynic View Post

                    If I had a nickel for every time that you read some bad code and could have submitted a patch and you didn't!
                    If I had a nickel for every retort I have read on Moronix that suggests someone should write some code and submit that as a patch.



                    • #20
                      what's a nickel?
