Taggart :donor: on Nostr: I'm seeing some reports that the Crowdstrike BSOD is exploitable for LPE/RCE ...
I'm seeing some reports that the Crowdstrike BSOD is exploitable for LPE/RCE indirectly, because the virtual machine agent with the out-of-bounds read is Turing-complete. That would be one hell of an attack chain, and it is still conjectural.
Published at
2024-08-05 13:23:14Event JSON
{
"id": "5600e30c3826aab7d1b3ade2b031dc711b2272c12bb044695aee858349edc5da",
"pubkey": "4afb3830f7c5db05d5934438779f63c3ed1401aa03a2eb0cc3cda743633aea61",
"created_at": 1722864194,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.town/notes/9wkl65jln0n29l7n",
"activitypub"
]
],
"content": "I'm seeing some reports that the Crowdstrike BSOD is exploitable for LPE/RCE indirectly, because the virtual machine agent with the out-of-bounds read is Turing-complete. That would be one hell of an attack chain, and it is still conjectural.",
"sig": "7e41efc8271eb989f6968cd588befcedc8339b8ac5ccd79921ab0ac0a664d6b9d33c3855bf596ca29415e1ba3b4def60edea1d658f8847dc8ce7d50ebf3df059"
}
