VMTech
+381 11 4150 20024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

Dirty Frag: new LPE in Linux kernel allows root on most distros

Dirty Frag: новая LPE в ядре Linux даёт возможность root на большинстве дистрибутивов

Colleagues, please note: an unpatched local privilege escalation (LPE) vulnerability, Dirty Frag, was disclosed in cybersecurity.

Key points:
- Researcher Hyunwoo Kim described an xfrm-ESP + RxRPC Page-Cache Write chain; the exploit is deterministic and race-free.
- Affects Ubuntu 24.04.4, RHEL 10.1, Fedora 44, CentOS Stream 10, AlmaLinux 10, openSUSE Tumbleweed.
- PoC is published; temporary mitigation is to block modules esp4, esp6, rxrpc.

Why it matters: an unprivileged local user can gain root — urgently assess impact and take measures.

What steps have you already taken?

#cybersecurity #Linux #vulnerabilities #infosec

Latest comments

No comments yet.