r/technology – Linux system service bug lets you get root on most modern distros


This is a privilege escalation exploit, it means that a user can act as having more privileges than he actually does (in this case, a user can get full administrative privilege (known as root on Linux)).

There’s nothing scary about privilege escalation, they are actually relatively common (there’s at least one found every year) and they are fixed relatively quick as they do imply huge risk in certain situation.

As you may have understood, you first need access to be able to escalate to higher privileges. That means that in most case, an attacker would need another exploit that allow him to execute something on your machine, theses are called remote code execution (RCE). That’s the kind of exploit you should fear, as even without higher privileges, there’s already a lot that can be done, and many big attacker may have access to zero days privilege escalation to use once they found an RCE.

Privilege escalation are still important though, when you give access to a machine to someone else for example, you may not want him to have higher privileges than he actually need. Nowaday it certainly more rare that you give access to a linux machine to someone else without the expectation that he will need root access from time to time, but it can certainly happens, and this is where theses kinds of exploit are the scarier. It happened to my first linux class, but my teacher warned us that the logs were kept safely and that we would get caught if we tried.

So essentially, no it won’t apply to Tesla’s, as you would need to execute stuff on it terminal for it to be exploitable (and at that point, most probably a privilege escalation wouldn’t be your biggest worry. Tesla’s linux probably doesn’t depends on that service either.


This is a privilege escalation exploit, it means that a user can act as having more privileges than he actually does (in this case, a user can get full administrative privilege (known as root on Linux)).

There’s nothing scary about privilege escalation, they are actually relatively common (there’s at least one found every year) and they are fixed relatively quick as they do imply huge risk in certain situation.

As you may have understood, you first need access to be able to escalate to higher privileges. That means that in most case, an attacker would need another exploit that allow him to execute something on your machine, theses are called remote code execution (RCE). That’s the kind of exploit you should fear, as even without higher privileges, there’s already a lot that can be done, and many big attacker may have access to zero days privilege escalation to use once they found an RCE.

Privilege escalation are still important though, when you give access to a machine to someone else for example, you may not want him to have higher privileges than he actually need. Nowaday it certainly more rare that you give access to a linux machine to someone else without the expectation that he will need root access from time to time, but it can certainly happens, and this is where theses kinds of exploit are the scarier. It happened to my first linux class, but my teacher warned us that the logs were kept safely and that we would get caught if we tried.

So essentially, no it won’t apply to Tesla’s, as you would need to execute stuff on it terminal for it to be exploitable (and at that point, most probably a privilege escalation wouldn’t be your biggest worry. Tesla’s linux probably doesn’t depends on that service either.

Leave a Comment

Your email address will not be published. Required fields are marked *