Date: Thu, 21 May 2026 10:45:20 +0200 From: Przemyslaw Frasunek <przemyslaw@frasunek.com> To: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-26:18.setcred Message-ID: <832f02ee-9fdb-4eda-a06a-d3330ba9aa30@frasunek.com> In-Reply-To: <13306571.xkLNZX5ndW@ravel> References: <20260520222336.BA0F59B7A@freefall.freebsd.org> <13306571.xkLNZX5ndW@ravel>
index | next in thread | previous in thread | raw e-mail
> The only base system's program currently leveraging setcred(2) is mdo(1), so only those using it could stumble on the bug inadvertently (unless they have their own programs calling setcred(2)). > > Of course, this does not preclude malicious people from trying to actively exploit that, either through mdo(1) or by calling setcred(2) directly. As the reporter of this vulnerability, I am sharing a full write-up demonstrating LPE with SMAP/SMEP enabled: https://fatgid.io/home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?832f02ee-9fdb-4eda-a06a-d3330ba9aa30>