You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have a question about this vulnerability. My actual concern is that the standard mitigation does not work for me.
I have tried this as root, then rebooted WSL, but I can still successfully exploit it again. echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf
More specifically, manually loading the module is prevented (modprobe algif_aead), but the infamous python code is able to load it. I guess the only workaround is to delete the .ko file.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
I have a question about this vulnerability. My actual concern is that the standard mitigation does not work for me.
I have tried this as root, then rebooted WSL, but I can still successfully exploit it again.
echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.confMore specifically, manually loading the module is prevented (
modprobe algif_aead), but the infamous python code is able to load it. I guess the only workaround is to delete the .ko file.Does anyone know why is this?
Beta Was this translation helpful? Give feedback.
All reactions