oss-security - Dirty Frag: Universal Linux LPE
www.openwall.com
  • Decronym@lemmy.decronym.xyzBEnglish
    1·
    5 hours ago

    Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:

    Fewer Letters More Letters
    AP WiFi Access Point
    IP Internet Protocol
    IoT Internet of Things for device controllers
    NAS Network-Attached Storage
    NVR Network Video Recorder (generally for CCTV)
    PoE Power over Ethernet
    SSD Solid State Drive mass storage
    SSH Secure Shell for remote terminal access
    Unifi Ubiquiti WiFi hardware brand
    VPN Virtual Private Network

    [Thread #279 for this comm, first seen 8th May 2026, 23:40] [FAQ] [Full list] [Contact] [Source code]

  • irmadlad@lemmy.worldEnglish
    82·
    12 hours ago

    RFC: As I understand it this exploit requires local access and cannot be deployed remotely. Is this a correct analysis?

    • Eager Eagle@lemmy.worldOPEnglish
      5·
      6 hours ago

      right, but remote code execution comes in many different ways. Having a machine vulnerable to this kind of privilege escalation is a really bad thing.

      • irmadlad@lemmy.worldEnglish
        1·
        5 hours ago

        Certainly. I don’t discount that any exploit is ‘really bad’. I like my OS of choice to be as free of exploits as it can possibly be. However, some of the material I was reading involved areas of Linux that I have little if any knowledge of value with, so I thought I’d as the question.

      • richmondez@lemdro.idEnglish
        3·
        7 hours ago

        It’s a LOCAL privilege escalation vulnerability. You need sufficient access to be able to execute arbitrary code locally on the machine. You would need a remote code execution vulnerability in an exposed service (VPN, web server, game server and so on) before an attacker could chain to this to get remote root on your system.