https://miscreants.github.io/blog.trailofbits.com/authors/rory-m/Recent content in Rory M on The Trail of Bits BlogHugoen-usThu, 16 Feb 2023 08:00:00 -0500https://miscreants.github.io/blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/Thu, 16 Feb 2023 08:00:00 -0500https://miscreants.github.io/blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/I discovered a logic bug in the readline dependency that partially reveals file information when parsing the file specified in the INPUTRC environment variable. This could allow attackers to move laterally on a box where sshd is running, a given user is able to login, and the user’s private key […]