OpenBSD crond / crontab set_range() heap underflow (CVE-2024-43688) | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		OpenBSD crond / crontab set_range() heap underflow (CVE-2024-43688) (supernetworks.org)
		3 points by g0xA52A2A on Aug 20, 2024 \| hide \| past \| favorite \| 1 comment

rkta on Aug 20, 2024 [–]

> An attacker can use this vulnerability to obtain root on OpenBSD 7.4 and 7.5.

Ouch! And this all due to unsanitized user input. I really would have expected better from OpenBSD in 2023. I mean I would expect better from everyone but especially from OpenBSD.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact