https://frytea.com/tags/%E6%BC%8F%E6%B4%9E/ Recent content in 漏洞 on Frytea https://frytea.com/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E https://frytea.com/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E Hugo zh-cn Thu, 30 Apr 2026 08:00:00 +0800 https://frytea.com/archives/1663/ Thu, 30 Apr 2026 08:00:00 +0800 https://frytea.com/archives/1663/ <p>最近爆出一个 Linux 内核存在近10年的漏洞，随便找了一台最近在用的机器试了一下，直接成功提权：</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>~$ whoami </span></span><span style="display:flex;"><span>songtianlun </span></span><span style="display:flex;"><span>~$ python3 test.py </span></span><span style="display:flex;"><span><span style="color:#75715e"># whoami</span> </span></span><span style="display:flex;"><span>root </span></span></code></pre></div><p>临时解决方案如下：</p> <blockquote> <p>由于 SSH/OpenSSL 等安全基建库几乎都在使用自行维护的用户态加密库, 所以 AF_ALG 可以直接禁用, 为临时缓解措施 (仅供参考):</p>