CVE-2023-53000 netlink: prevent potential spectre v1 gadgets

In the Linux kernel, the following vulnerability has been resolved: netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated from nlavalidateparse or validatenla u16 type = nlatypenla; if type == 0 || type maxtype / error or continue / @type is then used as a...

Midnight Commander

The Midnight Commander 4.5.51 latest. $ od -t x1 mcbug 0000000 03 14 77 04 0a $ mkdir cat mcbug $ mc try to view this directory - 'w' - 0x77 command will be executed; longer commands might be used, as well Obviously, this attack requires privledged user interaction. Midnight Commander won't displ...