• lurklurk@lemmy.world
    link
    fedilink
    arrow-up
    24
    ·
    4 months ago

    the in depth technical details

    TL;DR; sigalarm handler calls syslog which isn’t safe to call from a signal handler context.

    Their example exploit needed about 10k attempts to get a remote shell so it’s not fast or quiet, but a neat find regardless

    • bitfucker@programming.dev
      link
      fedilink
      arrow-up
      5
      ·
      4 months ago

      I can already imagine the log generated will be a hint. We usually automate those anyway as it is closer to (D)DoS too.