this post was submitted on 14 Jul 2025
29 points (100.0% liked)

I'm feeling a bit nostalgic and wanted to play some of the old COD games, and noticed that remote code execution exploits such as CVE-2018-20817 exist and seem to be unpatched. So I was wondering if this exploit affects or can be mitigated when running through Proton?

As I assume most of these exploits are intended for Windows systems, I'd assume it would be fairly harmless if I could disable mounting the default root filesystem and external drive mounts to the prefix. Digging through winetricks/protontricks I haven't managed to find such an option though.

[–] savvywolf@pawb.social 17 points 1 week ago (1 children)

Wine/Proton isn't designed to be a sandbox. A motivated enough attacker could make an exploit that checks if it's running in wine and does some wine-specific stuff.

Even if you do manage to sandbox it from your root filesystem, it still needs access to your Steam account, which an attacker could compromise.

[–] freddo@feddit.nu 8 points 1 week ago* (last edited 1 week ago) (1 children)

I'm aware it isn't designed to be a sandbox, I'm just betting that the typical exploiter wouldn't target wine past writing stuff into mounted filesystems. So at most they'd wreck the proton prefix and perhaps spawn a few processes within it.

[–] exu@feditown.com 3 points 1 week ago

Your root disk is usually mounted at Z: so any ransomware could just encrypt that.
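
The Z: mapping discussed in this thread is a symlink in the prefix's `dosdevices` directory. As an added example (not part of the thread), this shell function lists the drive letters in a Wine/Proton prefix that resolve to host paths outside the prefix; the function name and the prefix path passed to it are assumptions, and removing a mapping does not make Wine a sandbox.

```shell
#!/bin/sh
# Added example: audit which Wine/Proton drive letters expose host paths.
# Assumes the standard Wine layout <prefix>/dosdevices/<letter>: (symlinks).
# For Proton the prefix is typically .../steamapps/compatdata/<appid>/pfx
# (<appid> is a placeholder, not a value from the thread).

# audit_dosdevices PREFIX
# Prints "<drive> -> <resolved path>" for every mapping that resolves
# outside PREFIX. Returns 0 if none, 1 if any are exposed, 2 on bad input.
audit_dosdevices() {
    prefix=$1
    if [ ! -d "$prefix/dosdevices" ]; then
        echo "no dosdevices directory in: $prefix" >&2
        return 2
    fi
    # Canonicalise the prefix so the comparison is made on real paths.
    real_prefix=$(cd "$prefix" && pwd -P) || return 2
    exposed=0
    for link in "$prefix"/dosdevices/*; do
        [ -L "$link" ] || continue
        name=$(basename "$link")
        # Resolve the target; dangling links and device links are skipped.
        target=$(cd "$link" 2>/dev/null && pwd -P) || continue
        case "$target/" in
            "$real_prefix"/*)
                ;;  # stays inside the prefix, e.g. c: -> ../drive_c
            *)
                printf '%s -> %s\n' "$name" "$target"
                exposed=1
                ;;
        esac
    done
    return "$exposed"
}

# Stand-alone use: sh audit.sh /path/to/prefix
if [ "$#" -gt 0 ]; then
    audit_dosdevices "$1"
fi
```

On a default prefix this typically reports `z: -> /`, which is the mapping the last comment refers to.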