Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Crap


I read that in my own voice, so relatable hahahaha


Given it relies on ASLR being disabled, it's extremely unlikely you're at any risk from this.


The exploit they chose assumes ASLR is disabled for simplicity's sake, but if you read the full writeup they say they could've used the vulnerability to map memory layout. It's nice to have ASLR but some types of vulnerabilities can be used to bypass it.


That‘s wishful thinking




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: