rabber@lemmy.ca to Linux@lemmy.mlEnglish · 24 days agoDirty Frag: Universal Linux LPE - allows any unprivileged local user to gain root access on a vulnerable Linux system - no patch availablegithub.comexternal-linkmessage-square68fedilinkarrow-up132arrow-down12
arrow-up130arrow-down1external-linkDirty Frag: Universal Linux LPE - allows any unprivileged local user to gain root access on a vulnerable Linux system - no patch availablegithub.comrabber@lemmy.ca to Linux@lemmy.mlEnglish · 24 days agomessage-square68fedilink
minus-squareThaurin@lemmy.worldlinkfedilinkarrow-up3·24 days agoThis was leaked early. There is a mitigation (see link for confirmation): sh -c "printf 'install esp4 /bin/false\ninstall esp6 /bin/false\ninstall rxrpc /bin/false\n' > /etc/modprobe.d/dirtyfrag.conf; rmmod esp4 esp6 rxrpc 2>/dev/null; true"
minus-squareSteveTech@aussie.zonelinkfedilinkarrow-up1·21 days agoIf anyone’s curious, here’s the leaker’s reasoning: https://www.openwall.com/lists/oss-security/2026/05/07/12 Basically he had no prior knowledge of the vulnerability, he saw the patch go in and wrote a PoC based on that.
This was leaked early. There is a mitigation (see link for confirmation):
If anyone’s curious, here’s the leaker’s reasoning: https://www.openwall.com/lists/oss-security/2026/05/07/12
Basically he had no prior knowledge of the vulnerability, he saw the patch go in and wrote a PoC based on that.