[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FD] OpenBSD kernel relinking is not transactional and a local exploit exists

To: fulldisclosure@xxxxxxxxxxxx
Subject: Re: [FD] OpenBSD kernel relinking is not transactional and a local exploit exists
From: pesco@xxxxxxxx
Date: Mon, 19 Jun 2023 16:59:00 +0200

C. W. Schech on Sat, Jun 17 2023:
> /usr/share/relink, so arbitrary objects can be injected ...

By who? Which user ID specifically?

> Install media are also open to tampering and exploitation as signed
> checksum data are not carried with the install sets inside the
> installation image

And clearly such checksums could not be tampered with?

> this is a critical vulnerability and likely deliberate back door

PoC or GTFO.


rolling on the floor laughing
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/

References:
- [FD] OpenBSD kernel relinking is not transactional and a local exploit exists
  - From: Schech, C. W. ("Connor")

Prev by Date: [FD] OXAS-ADV-2023-0002: OX App Suite Security Advisory
Previous by thread: Re: [FD] OpenBSD kernel relinking is not transactional and a local exploit exists
Next by thread: [FD] Polycom BToE Connector 4.4.0.0 Multiple Vulnerabilities
Index(es):
- Date
- Thread