| ▲ | NooneAtAll3 2 hours ago | |
I love that cheeky "oh btw, there's also another vulnerability in rust coreutils rewrite, but we aren't talking about that" paragraph | ||
| ▲ | cyberax 6 minutes ago | parent [-] | |
That's because it's not a vulnerability per se. They found a way to use `rm` as a gadget for their privilege escalation. The core problem is that there's a world-writable directory that is processed by a program running as root. | ||