Forgot your password?
typodupeerror

Comment Re:'Pharma Bro' Martin Shkreli modus operandi (Score 1) 56

They are like Oracle, take something very good like Sun Microsystems (Solaris, Java), as far as locking into worse contracts after acquisition: "Java SE Universal Subscription (2023): Oracle changed its pricing metric. Instead of charging per user or per processor, organizations now pay based on their total employee count. This means you must pay for every employee in the company, even if only a few use Oracle Java"

Submission + - And another Linux vunerablity, SSH private keys. (github.com)

mrspoonsi writes: Steal SSH host private keys and /etc/shadow via the ptrace_may_access mm-NULL bypass + pidfd_getfd. Pre-31e62c2ebbfd kernels.

__ptrace_may_access() skips the dumpable check when task->mm == NULL. do_exit() runs exit_mm() before exit_files() — no mm, fds still there. pidfd_getfd(2) succeeds in that window when the caller's uid matches the target's.

Reported by Qualys, fixed by Linus 2026-05-14. Jann Horn flagged the FD-theft shape in October 2020.

Submission + - Joining Copy Fail, say hello to Dirty Frag (github.com)

mrspoonsi writes: Dirty Frag vulnerability class, first discovered and reported by Hyunwoo Kim (@v4bel), which can obtain root privileges on major Linux distributions by chaining the xfrm-ESP Page-Cache Write vulnerability and the RxRPC Page-Cache Write vulnerability.

Dirty Frag is a case that extends the bug class to which Dirty Pipe and Copy Fail belong. Because it is a deterministic logic bug that does not depend on a timing window, no race condition is required, the kernel does not panic when the exploit fails, and the success rate is very high.

Because the embargo has currently been broken, no patch or CVE exists

Slashdot Top Deals

Marvelous! The super-user's going to boot me! What a finely tuned response to the situation!

Working...