Closed Shinyzenith closed 2 years ago
Use root to bind to device fd's and then immediately call setresuid() and setresgid() from libc. Only then proceed to read config files etc etc.
This should fix CVE-2022-27814.
Use root to bind to device fd's and then immediately call setresuid() and setresgid() from libc. Only then proceed to read config files etc etc.
This should fix CVE-2022-27814.