Original Reddit discussion: https://www.reddit.com/r/linux/comments/1t6lgub/dirty_frag_a_new_copyfail_like_vulnerability_has/
Just tried it. It’s impressive.
where did you… where did you try it?
also - those local roots is - is why I think people using shared hosting are crazy
where did you… where did you try it?
Clone the repo, build the program as per the README.md, run, get root.
I tried it on a x86 / amd64 test machine I have here for that sort of thing. It only works on that platform. My main machine is arm64 for exactly that reason.
So it doesn’t work on arm64?
I suppose it should work if you compiled it for arm64. But the demonstration exploit is x86 only, and has inline x86 opcodes in the source. So no, that particular demo executable won’t work on arm64.
More generally, what I meant was that I prefer running less common OS on less common architectures, so I’m less likely to be a target of malware. People who write malware usually aim at the biggest and easiest targets to maximize their return, and that’s x86 Windows. By running arm64 Linux, I’m not immediately in the crosshairs.
