|
|
|
|
|
|
by zepearl
44 days ago
|
|
|
Thanks a lot!!! I was running in Gentoo "6.18.18" (amd64) and the exploit worked (and all other shells which I PREVIOUSLY opened could then just execute "su -" without password to become "root") -> doing temporarily a "modprobe -r algif_aead" on-the-fly did not fix it as I was still able to swap to "root" from the unprivileged user by executing just "su -". "6.18.25" fixed it (module "algif_aead" still running). - Maybe older Kernel versions that don't contain the fix should be blacklisted? - FYI in Gentoo I had to recompile "sys-fs/zfs-kmod" after the minor kernel upgrade (I initially skipped it, but after rebooting with the new kernel I could not mount my raidz1) -> the same might be needed for other external modules. |
|
|