Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Just FYI, you can also mitigate it with `echo 1 > ...`; you don't need to drop everything, dropping `1` clears the page cache and that's enough.

Tested locally on Ubuntu 26.04:

1. Ran the exploit and got root

2. Configured the mitigations

3. Ran `su` again with no parameters and immediately got root again unprompted

4. Cleared the page cache

5. `su` asked for a password



Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: