- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
You must log in or # to comment.
Ah, network packet.
…so it’s another copy fail and dirtyfrag?
Another in the AI-discovered list of related kernel bugs, yes.
I guess this is how it starts. A ton of exploits being found and patched is good imo, even if it would be better if they didn’t exist ofc
TBH I expected way more bugs so far. From my experience, bugs are usually quite social little beings and they like to accumulate in the same place and hang out together.
If you find one, it’s very likely there are many more of the same type left in the code.
Indeed. The propaganda around these new AI models was that they were so dangerous that they would break the security of everything.
Turns out the biggest issues were a couple of user privlidge execution vulnerabilities? I guess that is testiment to the actual human effort that went into everything.
I’m heartened that there hasn’t been any arbitrary code remote execution vulnerabilities that would have actually caused major problems.
We have known for a while that user security is only one layer and shouldn’t be relied on 100%. Thats precisely why people run anything remotely dangerous in a VM, not just as an unprivilidged user. If you are running a service in docker, sure this is bad, but only catastrophic if the service also has a vulnerability allowing remote execution AND that machine has access to something else sensitive.
