Dropsafe

by Alec Muffett

Linux Kernel: TOCTOU in Exec System | …I am sure that there was a vulnerability of this exact kind in Unix circa 1988 +/- 4yrs

2024/12/09 08:48:00 GMT

I’m pretty sure there was a direct one on the inode permissions, and possibly a second one involving symlinks. Every bug has its day again and again and again.

There is a Time-of-Check / Time-of-Use issue in the Linux kernel in the exec system calls. The executability permissions are checked at a different time than the set-user-ID bit is applied. This could lead to privilege escalation.

https://github.com/google/security-research/security/advisories/GHSA-c45w-xwww-rfgg

⊞

Dropsafe

Linux Kernel: TOCTOU in Exec System | …I am sure that there was a vulnerability of this exact kind in Unix circa 1988 +/- 4yrs

Comments

Leave a Reply Cancel reply

More posts

Online Age Verification Law Could Kill Whistleblowing

It’s not about the children, it’s about how monetize surveillance: demand the illiberal, stupid, self-defeating & impossible, & then criminalise the wrong people for circumvention

Britain, or Russia?

Digital Sovereignty is a Clusterfuck