• Eager Eagle@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    3 months ago

    wtf

    An unprivileged local user can write 4 controlled bytes into the page cache of any readable file on a Linux system, and use that to gain root.

    If your kernel was built between 2017 and the patch — which covers essentially every mainstream Linux distribution — you’re in scope.

    how does that only get a CVE score of 7.8, the impact of this is huge

      • nyan@sh.itjust.works
        link
        fedilink
        arrow-up
        1
        ·
        3 months ago

        Exactly. It’s Yet Another Privilege Escalation Vulnerability. Unless you’re dealing with a multiuser machine, the attacker first needs to use some other vuln to get into an unprivileged account. Without that additional vulnerability, this exploit is useless.