The vulnerability, tracked as CVE-2024-1086 and carrying a severity rating of 7.8 out of a possible 10, allows people who have already gained a foothold inside an affected system to escalate their system privileges. It’s the result of a use-after-free error, a class of vulnerability that occurs in software written in the C and C++ languages when a process continues to access a memory location after it has been freed or deallocated. Use-after-free vulnerabilities can result in remote code or privilege escalation.
a use-after-free error, a class of vulnerability that occurs in software written in the C and C++ languages when a process continues to access a memory location after it has been freed or deallocated.
Immediately I noticed how when Teslas can’t drive themselves we also blame the car and not the driver.
It’s a privilege escalation.
Blazingly fast 🚀
Zero-cost abstractions!
Immediately I noticed how when Teslas can’t drive themselves we also blame the car and not the driver.
Weak. Blame the driver.
I re-wrote my Tesla firmware in Rust. It is faster and more secure. Self-driving is no problem when you use a safe language.
Honestly, why are we even selling cars to people who do not take these basic steps?
I compiled my own drivers
This guy drives not
Yeah, but did you include any biobs?
And then compacted them!
Don’t think C / C++ wasn’t blamed.
And the horse it ride in on!
This is why least privilege is so important. If one account is compromised it will be harder to compromise others if the original account is isolated.