|
Walt Mankowski via plug on 13 Aug 2025 06:07:07 -0700
|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [PLUG] Full Kernel-Level Control from Chrome Sandbox
|
- From: Walt Mankowski via plug <plug@lists.phillylinux.org>
- To: plug@lists.phillylinux.org
- Subject: Re: [PLUG] Full Kernel-Level Control from Chrome Sandbox
- Date: Wed, 13 Aug 2025 09:07:00 -0400
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pobox.com; h=cc :content-transfer-encoding:content-type:content-type:date:date :from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to; s=fm2; t=1755090423; x=1755176823; bh=xa/+65bSh7w9UXfOXbvVc6CUIgee2zaz90tRBEuR4pM=; b= C6r3MED9euN7WCbanTAuP3sFWrbPhWsXyOeDgfNPWnm6kI7GW3qEb20f+ITb21X+ iPxDCKVnwGkFepqpj7/6QumUwyMPXH3xBkvLoHZ5yoEO7hzosqacMeAk2IgYtO7A j2cjEV3aKTtrIlr6ACcS1faaZu+lg+YD2fyQgGw+g2xnci5cLB3O4D4RCIOMLgA/ sPfdJxVWM+GTZwghYzO0a2twCQHrsblPYuKLif1dax5+lun6gWTqIZY3qc2XSqJt tt6aOCb4gZ3WIMxkEt07+KA0JxOKkmsYq6HI6Vfp8v6Wers14xllfjjJO6deZ020 R/lVvnzAUfVrMN5tUBCW1A==
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1755090423; x= 1755176823; bh=xa/+65bSh7w9UXfOXbvVc6CUIgee2zaz90tRBEuR4pM=; b=d ZJ3Qfqr9MU+WQbZmRYQdD/QwWenh8ccMqIaisGcJvpcKqITr/sjsawDpLI9s74ZS pUStezBGDJRVQe78GSCwxmRvopKNIDP3Dz27txwOTrq7dHc2w41EkT99TpSRARW3 Zemb5//bYm3JXvqA//HJcP1oTioxbWd2H+aQH1l2yCj8ZXqzWkjnRlKph7erg7z5 OwoLoj5iCH95ZSCFQBk53TCFhwAq/OVe9kFB730QCbbgOibRYgW8V2QUBNqGhYxl e7e2ehKAZuwvVGpf1ZKuiGlDQ+Tc2k9xvVZgB/Ij4ewasafzlLwcqh+o7YNRv1W/ mMPiyrKKMJK+q0gI4pVsg==
- Feedback-id: i4ab14970:Fastmail
- Reply-to: Walt Mankowski <waltman@pobox.com>
- Sender: "plug" <plug-bounces@lists.phillylinux.org>
- User-agent: Mutt/2.2.14 (2025-02-20)
On Wed, Aug 13, 2025 at 01:02:11PM +0000, Rich Freeman via plug wrote:
> On 8/13/2025 8:39 AM, jeffv via plug wrote:
> > Critical Linux Kernel Bug Grants Attackers Full Kernel-Level Control
> > from Chrome Sandbox
> >
> > https://linuxsecurity.com/news/security-vulnerabilities/linux-kernel-bug-grants-attackers-full-kernel-level-control
> >
> >
> > Here´s where things go sideways. Horn´s write-up breaks it down, but the
> > takeaway is this: there's a use-after-free (UAF) condition.
>
> From the article:
>
> *> Patch, Patch, Patch: *The fix is already upstream. As of kernel version
> 6.9.8 <https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.9.8>, the
> memory management bug in |MSG_OOB| has been patched.
>
> That's ancient. 6.9 isn't even a maintained kernel version. There is
> already a 6.12 longterm. This was fixed more than a year ago.
>
> This is interesting of course, but unless you have some embedded system
> without any updates you'd have to be incredibly lax to have a year old
> kernel.
Interesting. That article made it seem like it had been introduced in
6.9 and was exploitable in all the kernels after that.
Walt
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug