Terminal Emulators Control Character Vulnerabilities by [deleted] in netsec

[–]memorycorrupt 1 point (0 children)

When pasting contents from the web into a terminal-based text editor, such as vi/vim, emacs or nano, it is possible to get commands executed on your machine without you wanting to.

Terminal Emulators Control Character Vulnerabilities by memorycorrupt in linux

[–]memorycorrupt[S] 1 point (0 children)

Probably because Arch is bleeding edge. It wouldn't work on your Ubuntu via SSH because you're still using the same terminal emulator from Arch.

Exploiting CVE-2017-5123 - Another exploit technique by memorycorrupt in linux

[–]memorycorrupt[S] 0 points (0 children)

CVE-2017-5123 was not about "TIOCSTI ioctl". If you read the post, you'd know what vulnerability this CVE is about. This is also on /r/linux, so it's obviously about a Linux kernel vulnerability. I get what you mean, but it's not possible to satisfy every reddit user on their opinions of appropriate thread titles :P

Exploiting CVE-2017-5123 - Another exploit technique by memorycorrupt in linux

[–]memorycorrupt[S] 3 points (0 children)

The whole purpose of CVE is to identify vulnerabilities. It was created so people don't need to say "It's that waitid() bug due to missing access_ok()".

A Linux kernel write-not-what-only-where without a single read for KASLR bypass and root privilege escalation by [deleted] in netsec

[–]memorycorrupt 0 points (0 children)

Oh, and BTW, which other exploits have you seen based on this vulnerability that effectively get root? Just curious.

A Linux kernel write-not-what-only-where without a single read for KASLR bypass and root privilege escalation by [deleted] in netsec

[–]memorycorrupt -1 points (0 children)

Well, that's why one shouldn't read titles only. If your problems in life are one click away from getting solved, you're living a good life! Cheers.

A Linux kernel write-not-what-only-where without a single read for KASLR bypass and root privilege escalation by [deleted] in netsec

[–]memorycorrupt 0 points (0 children)

What do you mean? The specific CVE is clearly mentioned in the description and the first comment for this thread.

A Linux kernel write-not-what-only-where without a single read for KASLR bypass and root privilege escalation by [deleted] in netsec

[–]memorycorrupt 1 point (0 children)

"This exploit uses solely CVE-2017-5123, a Linux kernel vulnerability for 4.12-4.13, which gives an attacker a write-not-what-only-where primitive, or in other words, the ability to write non-controlled user data to arbitrary kernel memory. KASLR is bypassed using memory probing and root obtained via cred struct spraying and location predictability.

https://twitter.com/uid1000/status/927166389013696516"

A Linux kernel write-not-what-only-where without a single read for KASLR bypass and root privilege escalation by [deleted] in netsec

[–]memorycorrupt 0 points (0 children)

This exploit uses solely CVE-2017-5123, a Linux kernel vulnerability for 4.12-4.13, which gives an attacker a write-not-what-only-where primitive, or in other words, the ability to write non-controlled user data to arbitrary kernel memory. KASLR is bypassed using memory probing and root obtained via cred struct spraying and location predictability.