Hacker News
by vr 5780 days ago
This is not really a kernel bug. The exploit exhausts the address space of Xorg (which is already running as root) to make it possible to write to its stack using a shared memory segment. While the kernel can help prevent this kind of issue by simply refusing to map a page from the top of the stack segment, it's still Xorg's problem that it allows its address space to be exhausted. In that state an attacker has a much higher chance of making the process do the desired memory writes, and using shared memory segments is not the only option (as described in the original article this post links to).
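
A defender-side check for the condition the comment above describes, as an added example that is not part of the comment: it parses `/proc/<pid>/maps` text and reports a mapping that sits directly below the `[stack]` region with less than a chosen gap. The sample maps text is constructed, and the 4 KiB page size, the downward-growing stack and the function names are assumptions.

```python
import re

PAGE_SIZE = 4096  # assumption: 4 KiB pages

# Constructed sample in /proc/<pid>/maps format (not captured from a real process).
SAMPLE_MAPS = """\
08048000-081e6000 r-xp 00000000 08:01 131337 /usr/bin/Xorg
b7400000-b7800000 rw-s 00000000 00:04 32769 /SYSV00000000 (deleted)
bf7df000-bf800000 rw-s 00000000 00:04 65538 /SYSV00000000 (deleted)
bf800000-bf821000 rw-p 00000000 00:00 0 [stack]
"""

# start-end perms offset dev inode [name]
MAPS_LINE = re.compile(
    r"^([0-9a-f]+)-([0-9a-f]+)\s+(\S{4})\s+\S+\s+\S+\s+\S+\s*(.*)$")


def parse_maps(text):
    """Return the mapped regions sorted by start address."""
    regions = []
    for line in text.splitlines():
        m = MAPS_LINE.match(line.strip())
        if not m:
            continue  # skip blank or malformed lines
        regions.append({
            "start": int(m.group(1), 16),
            "end": int(m.group(2), 16),
            "perms": m.group(3),
            "name": m.group(4),
        })
    return sorted(regions, key=lambda r: r["start"])


def stack_neighbour(regions, min_gap=PAGE_SIZE):
    """Describe the mapping just below [stack] if it is closer than min_gap.

    Assumes a stack that grows toward lower addresses, so the region of
    interest is the one immediately preceding [stack]. Returns None when
    there is no [stack] entry or the gap is at least min_gap bytes.
    """
    for i, region in enumerate(regions):
        if region["name"] != "[stack]" or i == 0:
            continue
        below = regions[i - 1]
        gap = region["start"] - below["end"]
        if gap < min_gap:
            return {"gap": gap, "neighbour": below["name"],
                    "shared": below["perms"][3] == "s",
                    "writable": "w" in below["perms"]}
    return None
```

On a live system the same functions can be fed the contents of `/proc/<pid>/maps` for the X server process, with `min_gap` set to the guard distance you expect the kernel to keep.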