Y
Hacker News
new
|
ask
|
show
|
jobs
by
still_grokking
51 days ago
How about SELinux, like on Android?
3 comments
nromiun
51 days ago
To even get the su binary on Android you have to patch the OS. So this exploit can't work on Android. Because there is no su binary to target.
Update: Just tried it on Termux and as expected even creating an AF_ALG socket requires root access.
link
staticassertion
50 days ago
The specific exploit payload for the POC relies on a su binary. The vuln is ambivalent and other non-su paths will exist.
link
nromiun
50 days ago
Of course, but it does not matter as the entire AF_ALG module is forbidden by SELinux anyway (on Android).
link
staticassertion
50 days ago
That's fine and a very separate reason why it would not be exploitable, also assuming that the module is not just compiled in since then loading it would be irrelevant.
link
staticassertion
51 days ago
I assume that wouldn't help here but I could easily be wrong. (Assuming if you're asking if SELinux would block this exploit).
link
fuomag9
50 days ago
selinux on enforcement mode did not mitigate the exploit when I tested today on fedora coreos :(
link
Update: Just tried it on Termux and as expected even creating an AF_ALG socket requires root access.