| ▲ | anonym29 3 hours ago | |||||||
LPE (to root) is serious, but it's not a remote hole. | ||||||||
| ▲ | ptx 34 minutes ago | parent [-] | |||||||
Is this functionality accessible from sandboxed processes? That would make a remote hole much more dangerous when one is found, anyway. The CVE seems to concern SysV semaphores and the pledge(2) man page doesn't seem to mention those. | ||||||||
| ||||||||