• treadful@lemmy.zip
    link
    fedilink
    English
    arrow-up
    74
    ·
    6 months ago

    It’s a privilege escalation.

    The vulnerability, tracked as CVE-2024-1086 and carrying a severity rating of 7.8 out of a possible 10, allows people who have already gained a foothold inside an affected system to escalate their system privileges. It’s the result of a use-after-free error, a class of vulnerability that occurs in software written in the C and C++ languages when a process continues to access a memory location after it has been freed or deallocated. Use-after-free vulnerabilities can result in remote code or privilege escalation.

    • corsicanguppy@lemmy.ca
      link
      fedilink
      arrow-up
      10
      arrow-down
      12
      ·
      edit-2
      6 months ago

      a use-after-free error, a class of vulnerability that occurs in software written in the C and C++ languages when a process continues to access a memory location after it has been freed or deallocated.

      Immediately I noticed how when Teslas can’t drive themselves we also blame the car and not the driver.

      Weak. Blame the driver.