rabber@lemmy.ca to Linux@lemmy.mlEnglish · 12 天前Dirty Frag: Universal Linux LPE - allows any unprivileged local user to gain root access on a vulnerable Linux system - no patch availablegithub.comexternal-linkmessage-square75fedilinkarrow-up1190cross-posted to: hackernews@lemmy.bestiver.sesecurity@lemmy.ml
arrow-up1190external-linkDirty Frag: Universal Linux LPE - allows any unprivileged local user to gain root access on a vulnerable Linux system - no patch availablegithub.comrabber@lemmy.ca to Linux@lemmy.mlEnglish · 12 天前message-square75fedilinkcross-posted to: hackernews@lemmy.bestiver.sesecurity@lemmy.ml
minus-squareinari@piefed.ziplinkfedilinkEnglisharrow-up36·12 天前Good to see these exploits being found and worked on
minus-squareThaurin@lemmy.worldlinkfedilinkarrow-up18·12 天前This was leaked early. There is a mitigation (see link for confirmation): sh -c "printf 'install esp4 /bin/false\ninstall esp6 /bin/false\ninstall rxrpc /bin/false\n' > /etc/modprobe.d/dirtyfrag.conf; rmmod esp4 esp6 rxrpc 2>/dev/null; true"
minus-squareigorette@lemmy.mllinkfedilinkarrow-up2·12 天前and other scripts: https://gist.github.com/search?q=mitigation+dirtyfrag
minus-squareSteveTech@aussie.zonelinkfedilinkarrow-up1·10 天前If anyone’s curious, here’s the leaker’s reasoning: https://www.openwall.com/lists/oss-security/2026/05/07/12 Basically he had no prior knowledge of the vulnerability, he saw the patch go in and wrote a PoC based on that.
Good to see these exploits being found and worked on
This was leaked early. There is a mitigation (see link for confirmation):
and other scripts: https://gist.github.com/search?q=mitigation+dirtyfrag
If anyone’s curious, here’s the leaker’s reasoning: https://www.openwall.com/lists/oss-security/2026/05/07/12
Basically he had no prior knowledge of the vulnerability, he saw the patch go in and wrote a PoC based on that.