undefined | Better HN

0 pointsDylan168079mo ago0 comments

Not really relevant, the threat being discussed is for multi-user systems.

0 comments

And your pulse audio service is running as which user now? This is a local exploit but for any system supporting the mentioned combination of services, aka a lot of them, including the RHEL derivatives and likely Ubuntu.

https://almalinux.org/blog/2025-06-18-test-patches-for-cve-2...

Dylan16807OP9mo ago

> And your pulse audio service is running as which user now?

I'm not sure, I appear to be running pipewire. But assuming it's not my own account: not a user that will initiate an attack. A user account that allows logins or runs external servers would have to get compromised first, and at that point it can use the exploit directly with no need to touch pulseaudio.

If there's only one directory in your /home, it's very unlikely the urge for admins to patch this is directed at you.

shakna9mo ago

Pipewire runs under the pipewire user, managed by systemd or OpenRC. Which means any of their managed processes can start a new pipewire user process.

A local priv-sec is one exploit [0] away from a remote one.

[0] https://www.bleepingcomputer.com/news/security/hackers-explo...

1 more reply

j / k navigate · click thread line to collapse