1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Another major Linux security flaw revealed 'Dirty Frag' allows r

    From TechnologyDaily@1337:1/100 to All on Friday, May 08, 2026 18:15:27
    Another major Linux security flaw revealed 'Dirty Frag' allows root on all major distros, with no patch or fix available yet

    Date:
    Fri, 08 May 2026 17:05:00 +0000

    Description:
    A researcher shared their findings with Linux distro maintainers, but leaked before a patch was built.

    FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter Researcher Hyunwoo Kim
    discloses Dirty Frag , a nineyearold kernel flaw enabling root privilege escalation across major Linux distros The exploit chains two pagecache write bugs, works reliably without race conditions, and currently has no CVE or patch Mitigation requires disabling vulnerable kernel modules, but this
    breaks IPsec VPNs and AFS, leaving systems exposed until fixes arrive Some of the most widely used and influential Linux distributions are vulnerable to a zero-day flaw that allows threat actors to gain root privileges, and a patch has not yet been made public, experts have warned.

    Security researcher Hyunwoo Kim disclosed finding a nine-year-old flaw, and published a proof-of-concept (PoC) exploit. He named the vulnerability Dirty Frag, and explained that it works by chaining two kernel flaws, the xfrm-ESP Page-Cache Write vulnerability and the RxRPC Page-Cache Write vulnerability. This allowed him to tweak protected system files in memory without having proper authorization. Latest Videos From You may like "Copy Fail" flaw
    impacts all Linux kernels released since 2017 Disgruntled researcher leaks worrying Windows zero-day security flaw BeyondTrust RCE flaw lets hackers run code without logging in Mitigations available Kim explained that he shared
    his findings with the maintainers of different Linux distros under embargo in order to give everyone time to patch up. However, that embargo was seemingly broken on May 7, when a third party published the exploit.

    "Because the embargo has currently been broken, no patch or CVE exists. After consultation with the maintainers on [email protected] and at their request, this Dirty Frag document is being published," Kim said.

    Besides not having a CVE, the bug is also yet to be given a severity score. However, since this is an unauthenticated privilege escalation flaw, its safe to assume it will receive a critical-severity rating (9.0 and higher).

    So far it was confirmed that Ubuntu, Red Hat Enterprise Linux, CentOS Stream, AlmaLinux, openSUSE Tumbleweed, and Fedora, are all vulnerable, and have not yet received patches. Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners
    or sponsors By submitting your information you agree to the Terms &
    Conditions and Privacy Policy and are aged 16 or over.

    "As with the previous Copy Fail vulnerability, Dirty Frag likewise allows immediate root privilege escalation on all major distributions, and it chains two separate vulnerabilities," Kim said. "Because it is a deterministic logic bug that does not depend on a timing window, no race condition is required, the kernel does not panic when the exploit fails, and the success rate is
    very high."

    Current mitigation includes removing vulnerable esp4, esp6, and rxrpc kernel modules, but this breaks IPsec VPNs and AFS distributed network file systems.

    Via BleepingComputer The best antivirus for all budgets Our top picks, based on real-world testing and comparisons

    Read our full guide to the best antivirus 1. Best overall: Bitdefender Total Security 2. Best for families: Norton 360 with LifeLock 3. Best for mobile: McAfee Mobile Security Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/another-major-linux-security-flaw-revea led-dirty-frag-allows-root-on-all-major-distros-with-no-patch-or-fix-available -yet


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)