Hacker News
Dirty Frag: Universal Linux Local Privilege Escalation — Root on Every Major Distro Since 2017
A new kernel vulnerability dubbed 'Dirty Frag' chains two flaws in the xfrm/ESP and RxRPC subsystems to achieve root privileges on all major Linux distributions released since 2017. A public proof-of-concept allows any unprivileged local user to gain root in a single command. The ESP patch was merged upstream on May 7 but the RxRPC patch is still pending; no distro patches are available yet. Hit 647 points on HN. Working exploit bypasses the known Copy Fail mitigation.
↳ Follow the thread