rabber@lemmy.ca to Linux@lemmy.mlEnglish · 3 days agoDirty Frag: Universal Linux LPE - allows any unprivileged local user to gain root access on a vulnerable Linux system - no patch availablegithub.comexternal-linkmessage-square73linkfedilinkarrow-up1195
arrow-up1195external-linkDirty Frag: Universal Linux LPE - allows any unprivileged local user to gain root access on a vulnerable Linux system - no patch availablegithub.comrabber@lemmy.ca to Linux@lemmy.mlEnglish · 3 days agomessage-square73linkfedilink
minus-squareThaurin@lemmy.worldlinkfedilinkarrow-up21·3 days agoThis was leaked early. There is a mitigation (see link for confirmation): sh -c "printf 'install esp4 /bin/false\ninstall esp6 /bin/false\ninstall rxrpc /bin/false\n' > /etc/modprobe.d/dirtyfrag.conf; rmmod esp4 esp6 rxrpc 2>/dev/null; true"
minus-squareSteveTech@aussie.zonelinkfedilinkarrow-up1·7 hours agoIf anyone’s curious, here’s the leaker’s reasoning: https://www.openwall.com/lists/oss-security/2026/05/07/12 Basically he had no prior knowledge of the vulnerability, he saw the patch go in and wrote a PoC based on that.
minus-squareigorette@lemmy.mllinkfedilinkarrow-up2·2 days agoand other scripts: https://gist.github.com/search?q=mitigation+dirtyfrag
This was leaked early. There is a mitigation (see link for confirmation):
If anyone’s curious, here’s the leaker’s reasoning: https://www.openwall.com/lists/oss-security/2026/05/07/12
Basically he had no prior knowledge of the vulnerability, he saw the patch go in and wrote a PoC based on that.
and other scripts: https://gist.github.com/search?q=mitigation+dirtyfrag