• @[email protected]
    link
    fedilink
    English
    1147 months ago

    It’s a privilege escalation.

    The vulnerability, tracked as CVE-2024-1086 and carrying a severity rating of 7.8 out of a possible 10, allows people who have already gained a foothold inside an affected system to escalate their system privileges. It’s the result of a use-after-free error, a class of vulnerability that occurs in software written in the C and C++ languages when a process continues to access a memory location after it has been freed or deallocated. Use-after-free vulnerabilities can result in remote code or privilege escalation.

    • Possibly linux
      link
      fedilink
      English
      47 months ago

      This is why least privilege is so important. If one account is compromised it will be harder to compromise others if the original account is isolated.

    • @[email protected]
      link
      fedilink
      -16
      edit-2
      7 months ago

      a use-after-free error, a class of vulnerability that occurs in software written in the C and C++ languages when a process continues to access a memory location after it has been freed or deallocated.

      Immediately I noticed how when Teslas can’t drive themselves we also blame the car and not the driver.

      Weak. Blame the driver.