Christian Brauner
Christian Brauner
But you can't write to /proc/self/exe while there binary is executing. Iirc, the gist/a version of the CVE was that an O_PATH FD was opened and then it waited until...
Short of making the binary disappear it's almost impossible to fix this without quite a few heavy kernel changes. For example, by recording that a binary was opened via O_PATH...
On Tue, Feb 20, 2018 at 10:59:45PM +0000, ShellCode wrote: > Up, same problem here on Debian Stretch I have some time planned to debug this the next few days....