Qualys Security Advisory – OpenBSD Dynamic Loader Privilege Escalation
Posted by deepcore on December 13, 2019 – 7:13 pm
Qualys discovered a local privilege escalation in OpenBSD’s dynamic loader (ld.so). This vulnerability is exploitable in the default installation (via the set-user-ID executable chpass or passwd) and yields full root privileges. They developed a simple proof of concept and successfully tested it against OpenBSD 6.6 (the current release), 6.5, 6.2, and 6.1, on both amd64 and i386; other releases and architectures are probably also exploitable.