Skip to content
Better HN
Top
New
Best
Ask
Show
Jobs
Search
⌘K
undefined | Better HN
0 points
tptacek
11h ago
0 comments
Share
I just read that it was spilling into argv or something and assumed the vector was somehow injecting arguments or something.
0 comments
default
newest
oldest
cperciva
10h ago
The exploit is injecting environment variables, but yes, close enough. You need someone to call execve as root in order to become root, but you don't need a setuid binary.
j
/
k
navigate · click thread line to collapse
