<- Back
Comments (195)
- goodburbTested on three Android devices (version 9, 13, 16) with different Firefox versions under 150 (had to modify for older).Two boot looped, I had to enter recovery and the other just powered off [0].The demo modifies the wallpaper on supported Pixel devices.[0] IonStack https://rootme.nebusec.ai____Tip: Install a Chromium flavor browser (Chromite) separate from the main browser.Disable Javascript and hardware accelerated video decoder (commonly exploited) from the flags page and enable reader mode to fix broken JS-dependent websites when browsing blogs and random sites on your personal devices, else dedicate a tablet.
- password4321Forgot to include "LPE" (local...) in the title so most of us can get back to weekending.
- teleforce>Google has rewarded us $92,337 in kernelCTFI'm all ears now
- 0x1ceb00daDoes that mean any android app can use ndk native code execution to become root? Does selinux help here?
- amatechaDaaaaamn: "GhostLock was introduced in Linux 2.6.39 and fixed in Linux 7.1."
- reorder9695Could this be used to unlock bootloaders on typically non unlockable phones? If so this could be one of the best things to happen to Android.
- pkoiralapHuge kudos to the security researchers for 1, finding an exploit, and 2, unlike copyfail, excluding a zero-day ready-to-use LPE script that anyone could have used.I tried using this for LPE on a Rocky9 for a couple of hours and thankfully couldn't get it to work. So that means unless you have quite some free time on your hand, or are extremely good at doing what you do, you can't actually use this to get LPE on enterprise distros.
- tangenterFuck it. I’m exclusively running the book version of minix from now on, neovim be damned. The exploit surface of these kernels is wild.
- anthkA good think I use JS less browsers.
- anonundefined
- poly2itIs HN bugged? I swear I have read these comments the day prior, there is no way they are from within 10 hours?
- alexjplant> This is the same shape as many other life-cycle bugs [...]Claude-ism detected. IME with Claude Code an object does not have a type or definition, apparently, but rather a shape (or at least it reaches for that word before more technically-accurate ones). Problems are not of a similar class or type, but of the same shape. Functions are not defined by their signatures but by their shape. Who talks like this and how did it make its way into the training data so pervasively?
- pseudocoder204[dead]
- tangsoupgallery[flagged]
- mixmastamykA what?
- bitwize"Nothing could have prevented this from happening," say users of only language where this happens
- UptrendaHas anyone in infosec ever seen the term "use after free" before LLMs? Or is this basically an acronym claude invented? I say this because I see claude use this term all the time like its common knowledge but in 15+ years in tech never seen it myself. I've seen all kinds of terms used to describe memory errors: memory corruption, heap corruption, stack corruption, whatever, just never this acronym.
- KasianFranksSo has the church of the subgenius.
- KnockOutEZDamn
- 0xbadcafebeeDo we really need infosec companies now that a skid with claude can find decades-old kernel privesc over a weekend?Also can we talk about how bad Linux security is? At this point it's becoming a real liability to run anything on Linux that needs to be secure. OpenBSD has been around for ages, is written in C, and is really, really secure. Do they support containers yet (or microVMs)? Cuz if they do, I'm moving my workloads to obsd.