Hacking contest Pwn2Own: Ubuntu, Tesla, macOs and Windows 11 cracked

Chat about just about anything else
Forum rules
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 30 days after creation.
Locked
User avatar
Midnight True
Level 7
Level 7
Posts: 1504
Joined: Wed Jul 20, 2022 3:23 am
Location: Southern and Southwestern area of Mato
Contact:

Hacking contest Pwn2Own: Ubuntu, Tesla, macOs and Windows 11 cracked

Post by Midnight True »

https://www.ghacks.net/2023/03/24/hacki ... 1-cracked/

patches should be release soon ... so keep your Mint's updated folks
Last edited by LockBot on Mon Apr 24, 2023 9:50 pm, edited 1 time in total.
Reason: Topic automatically closed 30 days after creation. New replies are no longer allowed.
Hoser Rob
Level 20
Level 20
Posts: 11806
Joined: Sat Dec 15, 2012 8:57 am

Re: Hacking contest Pwn2Own: Ubuntu, Tesla, macOs and Windows 11 cracked

Post by Hoser Rob »

Good read but being able to crack any of those things shouldn't come as much of a surprise.
For every complex problem there is an answer that is clear, simple, and wrong - H. L. Mencken
t42
Level 11
Level 11
Posts: 3709
Joined: Mon Jan 20, 2014 6:48 pm

Re: Hacking contest Pwn2Own: Ubuntu, Tesla, macOs and Windows 11 cracked

Post by t42 »

Tanguy Dubroca from Synacktiv managed to escalate privilege on Ubuntu Desktop using an incorrect pointer scaling.
... running locally his exploit script as an authorized user on the kernel 5.19.0-38-generic and getting privilege escalation is ...a front-page sensation for ghacks.net...
Anoter site gearrice.com reports: "Ubuntu is not safe from hackers and falls alongside Microsoft Teams and Tesla":
The leading Linux distro, which boasts so much of being secure, has once again proven otherwise, falling to a privilege escalation exploit that has rewarded the group with $30,000. Probably it would be more useful to donate the money to the distribution security team instead.
-=t42=-
timmn1
Level 4
Level 4
Posts: 253
Joined: Mon Jun 08, 2009 12:34 pm
Location: Near intersection of I-80 and I-57 in US

Re: Hacking contest Pwn2Own: Ubuntu, Tesla, macOs and Windows 11 cracked

Post by timmn1 »

So, for this exploit to work on Ubuntu, the person has to have physical access to the computer, and have an authorized user and password. Unless they break into my house, they aren't going to get it. So, can someone please explain to me why I should be worried about this?
Someday, maybe I'll figure out exactly what the hell I'm doing.
t42
Level 11
Level 11
Posts: 3709
Joined: Mon Jan 20, 2014 6:48 pm

Re: Hacking contest Pwn2Own: Ubuntu, Tesla, macOs and Windows 11 cracked

Post by t42 »

timmn1 wrote: Sun Apr 02, 2023 4:19 am for this exploit to work
Yes, but in this instant it is just a contest. Among 300 security vulnerabilities listed in CVE in 2022-2023 six are remote and have a score of some significance, some of those can be exploited only within a specific networks or protocols and are not relevant to the desktop users environment (for example, TIPC network) - all of these were patched. Still the situation is never static.
-=t42=-
Locked

Return to “Open Chat”