The vulnerability, tracked as CVE-2024-1086 and carrying a severity rating of 7.8 out of a possible 10, allows people who have already gained a foothold inside an affected system to escalate their system privileges. It’s the result of a use-after-free error, a class of vulnerability that occurs in software written in the C and C++ languages when a process continues to access a memory location after it has been freed or deallocated. Use-after-free vulnerabilities can result in remote code or privilege escalation.
a use-after-free error, a class of vulnerability that occurs in software written in the C and C++ languages when a process continues to access a memory location after it has been freed or deallocated.
Immediately I noticed how when Teslas can’t drive themselves we also blame the car and not the driver.
It’s a privilege escalation.
Blazingly fast 🚀
Zero-cost abstractions!
This is why least privilege is so important. If one account is compromised it will be harder to compromise others if the original account is isolated.
Immediately I noticed how when Teslas can’t drive themselves we also blame the car and not the driver.
Weak. Blame the driver.
I re-wrote my Tesla firmware in Rust. It is faster and more secure. Self-driving is no problem when you use a safe language.
Honestly, why are we even selling cars to people who do not take these basic steps?
I compiled my own drivers
And then compacted them!
Yeah, but did you include any biobs?
Don’t think C / C++ wasn’t blamed.
And the horse it ride in on!