{"id":45682,"date":"2021-07-20T17:17:41","date_gmt":"2021-07-20T21:17:41","guid":{"rendered":"http:\/\/pappp.net\/?guid=183efcc9cd5e63f5267b7df247b80479"},"modified":"2021-07-20T17:17:41","modified_gmt":"2021-07-20T21:17:41","slug":"two-for-tuesday-vulnerabilities-send-windows-and-linux-users-scrambling","status":"publish","type":"post","link":"https:\/\/pappp.net\/?p=45682","title":{"rendered":"Two-for-Tuesday vulnerabilities send Windows and Linux users scrambling"},"content":{"rendered":"

Source: Ars Technica<\/a><\/p>\n

Article note: The windows one is a straightforward \"wrong default permissions\" thing...but that Linux exploit really is something. A valid 1GB path name is like a million inodes on most FSes (like 5GB of junk), so it wouldn't be small or quiet, and it's just to get one semi-controlled out-of-bounds write to break the EBPF security model and run an exploit sequence from there.<\/div>
\n
\"A

Enlarge<\/a> <\/p> <\/figure>

<\/a><\/div>\n

The world woke up on Tuesday to two new vulnerabilities—one in Windows and the other in Linux—that allow hackers with a toehold in a vulnerable system to bypass OS security restrictions and access sensitive resources.<\/p>\n

As operating systems and applications become harder to hack, successful attacks typically require two or more vulnerabilities. One vulnerability allows the attacker access to low-privileged OS resources, where code can be executed or sensitive data can be read. A second vulnerability elevates that code execution or file access to OS resources reserved for password storage or other sensitive operations. The value of so-called local privilege escalation vulnerabilities, accordingly, has increased in recent years.<\/p>\n

Breaking Windows<\/h2>\n

The Windows vulnerability came to light<\/a> by accident on Monday when a researcher observed what he believed was a coding regression in a beta version of the upcoming Windows 11. The researcher found that the contents of the security account manager<\/a>—the database that stores user accounts and security descriptors for users on the local computer—could be read by users with limited system privileges.<\/p><\/div>

Read 12 remaining paragraphs<\/a> | Comments<\/a><\/p>

\n<\/a> <\/a> <\/a> <\/a>\n<\/div>","protected":false},"excerpt":{"rendered":"

Enlarge
\nThe world woke up on Tuesday to two new vulnerabilities\u2014one in Windows and the other in …<\/p>\n

Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[226],"tags":[],"class_list":["post-45682","post","type-post","status-publish","format-standard","hentry","category-news-2"],"_links":{"self":[{"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/posts\/45682","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/pappp.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=45682"}],"version-history":[{"count":0,"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/posts\/45682\/revisions"}],"wp:attachment":[{"href":"https:\/\/pappp.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=45682"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/pappp.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=45682"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/pappp.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=45682"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}