exploited linux holes

https://nvd.nist.gov/vuln/detail/CVE-2024-1086

The vulnerability, tracked as CVE-2024-1086 and carrying a severity rating of 7.8 out of a possible 10, allows people who have already gained a foothold inside an affected system to escalate their system privileges.

It's the result of a use-after-free error, a class of

>vulnerability that occurs in software written in the C and C++ languages

when a process continues to access a memory location after it has been freed or deallocated.

>It's not possible in RUST.

Use-after-free vulnerabilities can result in remote code or privilege escalation. The vulnerability, which affects even Linux kernel 6, resides in the NF_tables, a kernel component enabling the Netfilter, which in turn facilitates a variety of network operations...

>It was patched in January, but as the CISA advisory indicates, some production systems have yet to install it.

A deep-dive write-up of the vulnerability reveals that these exploits provide "a very powerful double-free primitive when the correct code paths are hit." Double-free vulnerabilities are a subclass of use-after-free errors..

POSIWID: The Purpose Of A System Is What It Does Shirt $21.68

UFOs Are A Psyop Shirt $21.68

POSIWID: The Purpose Of A System Is What It Does Shirt $21.68

  1. 2 weeks ago
    Anonymous

    >It's not possible in RUST.
    also not possible in modern c++. you don't have to become a troony.

    • 1 week ago
      Anonymous

      Why are you lying? The compiler will happily compile your use-after-free C++23 code

      • 1 week ago
        Anonymous

        C++ doesn't use "free". if you write "free(something)" then it's C, not C++.
        Additionally, C++ discourages managing memory by hand. Instead, you should use standard containers (std::string, std::vector, etc.) or smart pointers (std::unique_ptr, std::shared_ptr, etc.).

        • 1 week ago
          Anonymous

          You've clearly never written a line of C++ in your life if you think STL and RAII is enough.

          • 1 week ago
            Anonymous

            I've been programming in c++ for the last 10 years.
            apart from stl and raii you have tools that catch memory bugs.

          • 1 week ago
            Anonymous

            Frick no, I'm not doing dynamic analysis anymore just to catch memory bugs. I'm tired of seeing valgrind, asan and ubsan.

        • 1 week ago
          Anonymous

          t. nocoder

  2. 2 weeks ago
    Anonymous

    privesc are dime a dozen

  3. 2 weeks ago
    Anonymous

    I would love to exploit her holes.

    • 1 week ago
      Anonymous

      I came here to say this

      • 1 week ago
        Anonymous

        Is that William?

  4. 2 weeks ago
    Anonymous

    >already gained
    so non-issue then

  5. 2 weeks ago
    Anonymous

    Linuxoids BTFO

    • 2 weeks ago
      Anonymous

      kys troon
      Black person

    • 1 week ago
      Anonymous

      No point. Linutards will never understand.

  6. 2 weeks ago
    Anonymous

    crab crab crab crab
    get deprecated
    get deprecated
    get deprecated

  7. 1 week ago
    Anonymous

    i would lick her pussy

    • 1 week ago
      Anonymous

      Didn't ask.

  8. 1 week ago
    Anonymous

    trannies should kill themselves

  9. 1 week ago
    Anonymous

    there's no such thing as memory-safe language, there's only memory-safe code

  10. 1 week ago
    Anonymous

    https://man.openbsd.org/man4/pf.4

  11. 1 week ago
    Anonymous

    this is so easy to prevent that i want an explanation of what happened but i am never going to get an actual explanation from a journal so frick your pointless thread.

  12. 1 week ago
    nocaps

    the kernel's free isnt the same free as the one you are thinking about you fricking morons

  13. 1 week ago
    Anonymous

    How do we get rust to stop being associated with trannies on here? Is all the shitposting just a russian psy-op to prevent us from using memory safe languages?

    • 1 week ago
      Anonymous

      Rust isn't memory safe. There are several soundness holes in the compiler that have been around for years and unsafe is part of the language and commonly used, despite rustrannies claiming otherwise.

      • 1 week ago
        Anonymous

        >soundness holes
        Other systems level languages (c/c++/zig) have soundness holes as a fundamental part of their memory management model.

        Is rust just too hard to learn? I don't understand all the weak cope and hate.

        • 1 week ago
          Anonymous

          Is it so hard to understand that Rust is just a bad language? Rust trannies produce 100 logic bugs per minute but that's ok because at least they're memory safe logic bugs, in theory, after removing the 500 unsafe blocks.

          • 1 week ago
            Anonymous

            Even just from an aesthetics perspective, programming in rust makes programming in other low-level languages feel so tedious and slow. Have you even given it a shot? Did you get filtered by lifetimes or something?

          • 1 week ago
            Anonymous

            >aesthetics perspective
            No one who does serious programming cares about aesthetics.

            >Have you even given it a shot?
            Yes. I got filtered by the instability when it was still in development, but I don't see any reason to try it again. tbh I'm mostly just shitposting. My biggest problem with Rust is that its apologists are 90% religious fanatics who are borderline nocoders yet assume everyone who isn't using it must be intellectually inferior.

            Have you ever noticed the blurb for 99% of Rust projects ends with "written in Rust". Sorry but that's not a feature.

Your email address will not be published. Required fields are marked *