[kwlug-disc] Another Linux vulnerability ...
Khalid Baheyeldin
kb at 2bits.com
Fri May 8 18:48:17 EDT 2026
DirtyFrag
https://linux.slashdot.org/story/26/05/08/1913238/new-linux-dirty-frag-zero-day-gives-root-on-all-major-distros
This one does not have updates yet from the repositories.
The patches are in the code, but not released yet.
Someone watching the patches that are committed, figured out
the exploit, and released it ahead of the updates.
There is a mitigation here
https://github.com/V4bel/dirtyfrag#mitigation
As with this class of bugs, a local account is needed, so this is
a concern if you have containers.
If you don't have containers, then the machine is not vulnerable.
--
Khalid M. Baheyeldin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20260508/3c881744/attachment-0001.htm>
More information about the kwlug-disc
mailing list