Linux

13626 readers

1401 users here now

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 2 years ago

MODERATORS

Ategon@programming.dev

anzo@programming.dev

dwraf_of_ignorance@programming.dev

Dirty Frag: Universal Linux LPE - allows any unprivileged local user to gain root access on a vulnerable Linux system - no patch available (github.com)

submitted 6 days ago by cm0002@europe.pub to c/linux@programming.dev

18 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] entwine@programming.dev 6 points 6 days ago (4 children)

Are there any real life scenarios where an untrusted user is allowed access to a machine with an unprivileged account? I know there are (or were?) some public shared machines where you can ssh in for fun, but those aren't serious.

I'm thinking maybe a POS system or kiosk running Linux, and there's shell access? This could possibly also be useful for jailbreaking devices that ship with Linux, but are locked down... Maybe like a car infotainment system?

[–] mikerenfro@piefed.world 10 points 6 days ago

Every university with an https://en.wikipedia.org/wiki/High-performance_computing system or a lab with Linux workstations gives shell access to what amount to untrusted users. If antivirus or similar software on the system doesn’t proactively catch the exploit, it’s a bad day.

load more comments (3 replies)