Tag

Rds

All articles tagged with #rds

cybersecurity6 days ago•58 min saved

PoC Unleashes PinTheft Linux LPE, Unlocks Root Access

A proof-of-concept exploit named PinTheft has been published for a Linux kernel local privilege escalation, leveraging an RDS zerocopy double-free flaw to gain root access under specific kernel configurations. The PoC demonstrates a novel way to steal references via io_uring and overwrite in-memory pages, underscoring ongoing Linux kernel security challenges. Admins should apply latest patches or blacklist vulnerable modules to mitigate risk.

via CyberSecurityNews|

#cybersecurity #iouring #linux-kernel

technology7 days ago•3 min saved

Public PoC Reveals PinTheft Arch Linux Root Privilege Flaw

A publicly released PoC demonstrates PinTheft, a Linux local privilege escalation in the RDS zerocopy path that can yield root on Arch Linux by pinning user pages and stealing FOLL_PIN references through io_uring fixed buffers; exploitation requires the RDS module to be loaded (default on Arch among common distros), io_uring enabled, a readable SUID-root binary, and x86_64 support, which limits its practical attack surface. Users should patch with the latest kernel, and as a mitigation can unload the RDS modules and disable them via modprobe.d (install rds /bin/false and install rds_tcp /bin/false) until patches are deployed.

via BleepingComputer|

#arch-linux #linux-kernel #local-privilege-escalation