Federal agency warns critical Linux vulnerability being actively exploited
Federal agency warns critical Linux vulnerability being actively exploited
arstechnica.com
Federal agency warns critical Linux vulnerability being actively exploited
You're viewing a single thread.
109 comments
-
It's a privilege escalation.
The vulnerability, tracked as CVE-2024-1086 and carrying a severity rating of 7.8 out of a possible 10, allows people who have already gained a foothold inside an affected system to escalate their system privileges. It’s the result of a use-after-free error, a class of vulnerability that occurs in software written in the C and C++ languages when a process continues to access a memory location after it has been freed or deallocated. Use-after-free vulnerabilities can result in remote code or privilege escalation.
-
rust mentioned, lets goo
-
Blazingly fast 🚀
-
Zero-cost abstractions!
-
-
-
This is why least privilege is so important. If one account is compromised it will be harder to compromise others if the original account is isolated.
-
a use-after-free error, a class of vulnerability that occurs in software written in the C and C++ languages when a process continues to access a memory location after it has been freed or deallocated.
Immediately I noticed how when Teslas can't drive themselves we also blame the car and not the driver.
Weak. Blame the driver.
-
I re-wrote my Tesla firmware in Rust. It is faster and more secure. Self-driving is no problem when you use a safe language.
Honestly, why are we even selling cars to people who do not take these basic steps?
-
I compiled my own drivers
-
This guy drives not
-
And then compacted them!
-
Yeah, but did you include any biobs?
-
-
Don't think C / C++ wasn't blamed.
-
And the horse it ride in on!
-
-
109 comments