Opened 9 months ago
Closed 9 months ago
#18480 closed enhancement (fixed)
blocaled-0.5
| Reported by: | pierre | Owned by: | pierre |
|---|---|---|---|
| Priority: | normal | Milestone: | 12.0 |
| Component: | BOOK | Version: | git |
| Severity: | normal | Keywords: | |
| Cc: |
Description
Blocaled 0.5
Bug fix release: fix a double free when there are errors in call backs
Change History (5)
comment:1 by , 9 months ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:3 by , 9 months ago
Replying to Xi Ruoyao:
Does the double free has a security implication?
Good question. There is no exploit known to me. What comes to mind is DoS, since I think an attacker could have the localed daemon crash, then send a dbus request to restart it, crash it, and so on. But the attacker needs to be authorized by polkit for that, so anyway the attacker would need already some capabilities.
As far as using the freed memory to put an exploit, I think it may be hard, but it is beyond my capability to analyze further.
comment:4 by , 9 months ago
If it must be triggered by authorized user I'd not consider it a security issue, as "operating as the root" is inherently not safe.
This release fixes failures in tests.