Another Universal Linux Local Privilege Escalation (LPE) Vulnerability: Dirty Frag, (Fri, May 8th)
ID: daa3aa07-8200-5939-8a5c-a3bd54fb64f3
STIX ID: report--daa3aa07-8200-5939-8a5c-a3bd54fb64f3
Feed Name: SANS ISC Diary
Threat Score
Dirty Frag is a recently disclosed Linux local privilege escalation that chains two page-cache write flaws in xfrm-ESP (esp4/esp6) and RxRPC to modify read-only page-cache pages (e.g., /etc/passwd), enabling root escalation on many distributions; exploit code was publicly released after an embargo breach, no CVE was assigned, and immediate mitigations include unloading/denylisting the vulnerable modules, applying live patches, or installing patched kernels.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.