Copyfail root escalation error
Denis 'GNUtoo' Carikli
GNUtoo at cyberdimension.org
Thu May 7 13:03:36 UTC 2026
On Fri, 1 May 2026 04:51:17 GMT
"retrovirus-007 at juno.com" <retrovirus-007 at juno.com> wrote:
> According to research, it provides a exploit run
> test, but I couldn't trust its procedure safety.
You're right: the exploit contains x86 code and I didn't find the
source anywhere (I didn't look very hard though). I found someone who
"ported" the exploit to ARM for instance.
I've no idea of the license of the python script but if someone finds a
statement that it's under a free license we could at least replace the
binary inside it and have something usable to test.
As I understand the exploit enables you to replace the content of a
binary by another, in memory, so it probably requires to replace a
binary that is setuid (like su) with another that doesn't have the
proper checks, but then you could probably also replace su with 'bash',
'ls', etc.
Also note that it's just a privilege escalation so how much it affects
users really depend on the use cases.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://www.fsfla.org/pipermail/linux-libre/attachments/20260507/86fb8c8a/attachment.sig>
More information about the linux-libre
mailing list