• lurklurk@lemmy.world
    link
    fedilink
    arrow-up
    0
    arrow-down
    1
    ·
    4 months ago

    the in depth technical details

    TL;DR; sigalarm handler calls syslog which isn’t safe to call from a signal handler context.

    Their example exploit needed about 10k attempts to get a remote shell so it’s not fast or quiet, but a neat find regardless