Blaze@lemmy.zip to Linux@programming.dev · 6 months ago'Critical' vulnerability in OpenSSH uncovered, affects almost all Linux systemswww.computing.co.ukexternal-linkmessage-square1fedilinkarrow-up10arrow-down10
arrow-up10arrow-down1external-link'Critical' vulnerability in OpenSSH uncovered, affects almost all Linux systemswww.computing.co.ukBlaze@lemmy.zip to Linux@programming.dev · 6 months agomessage-square1fedilink
minus-squarelurklurk@lemmy.worldlinkfedilinkarrow-up0arrow-down1·6 months agothe in depth technical details TL;DR; sigalarm handler calls syslog which isn’t safe to call from a signal handler context. Their example exploit needed about 10k attempts to get a remote shell so it’s not fast or quiet, but a neat find regardless
the in depth technical details
TL;DR; sigalarm handler calls syslog which isn’t safe to call from a signal handler context.
Their example exploit needed about 10k attempts to get a remote shell so it’s not fast or quiet, but a neat find regardless