0day in Linux (possible)
rustelekom
Member, Patron Provider
in News


Comments
$7
Local, so if it's real it has its use cases, but it isn't exactly that scary either unless there are untrusted users on the box, which are able to run custom code.
Sounds like this recent, well-known exploit we already talked about:
https://www.theregister.com/2024/03/29/linux_kernel_flaw/
But it was related to 6.6.14, and now the post says that it's also working on 6.6.15.
I see.
Here is the complete article: https://thecyberexpress.com/use-after-free-vulnerability-in-linux-kernel/
Pretty scary for any company selling services on shared environments. Shared web hosting, game hosting, LXC / Docker containers, any sort of application hosting.
Are they really selling an LPE for $150K?
I thought the going rate for a Kernel LPE was nearer $25K, or at least that's roughly what Zerodium is paying. If it's REALLY special (or they're in need), then they'll go up to $50K, but the price here seems way above market rate: https://zerodium.com/program.html
Also, most people will screw up their permissions, leave a SUID binary or other error that negates the need for a Kernel LPE anyway, so I'd say most LET users should be more worried about misconfigurations than overpriced 0 Days (of which there are already many) 🤷♀️
Then it's likely a bypass of the patch for 6.6.14, probably with a little extra heap grooming or whatever, which happens a lot
I can't be bothered to log into the forum, but someone just sent me a screenshot with a price of 350k… lol.
Reseller? Heh...
We’re talking about a recently joined forum user with 16 posts? Or am I missing something?
Sure. That's pretty much the definition of having untrusted users, which are able to run custom code, on the box
For all the lone admins or people who only granted trusted people access to their systems, the impact is negligible. Well, unless they are administrating something running something based on the mentioned container virtualization systems, of course.
By the way, does game hosting really regularly allow users to run custom code? I mean, I can see it with how some games realize modding, but in general I don't see a reason to actually let users touch binaries at all.
Mhh… na. We are old friends and don't do business. It looks like the price was updated / changed at some point.
Looks like an auction...
Is that Breach Forums?
PoC was shown to a mod (IntelBroker), which gives it a little more legitimacy.
Congrats! Your 0day has been doubled.
Minecraft hosts usually let you run a custom JAR file server binary, I think? You can also usually install server plugins at the very least, which can probably be leveraged to get a shell, depending on the game.
Yeah, that's true. Minecraft probably still amounts to a huge part of the game hosting market. Quake and Source based games also (used to?) distribute their mods as native libraries, but I don't think those have much of a modding scene worth catering to these days.
I think there should be some consideration that Zerodium is a reseller/broker. Very little is known about the buyers and how much they paid. I think most speculation is governments for their cyber capabilities.
Another consideration is this exploit is also being sold with the intent of it to be used for illegal activities that would produce a profit.
I'm not making a point of the ethics but the legality and why that affects the prices.
OpenVZ rejoice.
All your containers belong to me.