New dirty frag exploit grants root access on linux systems

中文

A security researcher has disclosed Dirty Frag, a new Linux kernel exploit that allows local users to gain root privileges. The flaw affects major distributions and remains unpatched on most systems despite earlier fixes for a similar issue.

Hyunwoo Kim, also known as v4bel, reported the threat after submitting details to the linux-distros mailing list under a five-day embargo. An unnamed party released a working exploit the same day, leaving most distributions exposed. Dirty Frag combines two flaws, CVE-2026-43284 and CVE-2026-43500, to modify files in memory without altering them on disk.

相关文章

Illustration depicting the Linux CopyFail vulnerability enabling root access exploits alongside Ubuntu's DDoS-induced outage.
AI 生成的图像

Linux CopyFail exploit threatens root access amid Ubuntu outage

由 AI 报道 AI 生成的图像

A critical Linux vulnerability known as CopyFail, tracked as CVE-2026-31431, allows attackers to gain root access on systems running kernels since 2017. Publicly released exploit code has heightened risks for data centers and personal devices. Ubuntu's infrastructure has been offline for over a day due to a DDoS attack, hampering security communications.

New fragnesia linux kernel flaw disclosed

A new Linux local privilege escalation vulnerability known as Fragnesia has been made public. The flaw is described as similar to Dirty Frag and involves an ESP/XFRM logic bug.

Linux kernel flaw lets unprivileged users gain root access

由 AI 报道

Qualys researchers have identified a logic flaw in the Linux kernel that enables unprivileged local users to disclose sensitive files and execute arbitrary commands as root.

Technology

Google publishes exploit code for unfixed chromium vulnerability

Security

Rust proposal targets 80 percent of linux kernel cves

Technology

OpenClaw patches severe vulnerability granting admin access

Greg Kroah-Hartman runs AI-assisted fuzzing on Linux kernel

Linux stable kernel maintainer Greg Kroah-Hartman has started using an AI-assisted fuzzing tool in a branch named 'clanker' to test the kernel codebase. The tool has already prompted fixes for vulnerabilities in subsystems like ksmbd and SMB. Patches from this effort now cover areas including USB, HID, WiFi, and networking.

Zero-day exploit bypasses default windows 11 bitlocker encryption

由 AI 报道

A newly published zero-day exploit allows attackers with physical access to bypass BitLocker encryption on Windows 11 devices in seconds. The attack, named YellowKey, targets the default TPM-only configuration and grants full access to encrypted drives via a simple USB-based method.

June 09, 2026 17:20

Single errant character triggers high-severity Linux vulnerability

June 09, 2026 04:36

Single character triggers high-severity Linux kernel vulnerability

May 25, 2026 12:40

Trend Micro Apex One zero-day exploited in the wild

May 11, 2026 16:32

Linux kernel could gain kill switch for vulnerable functions

May 05, 2026 17:44

US government issues urgent CopyFail warning as Linux patches roll out

May 04, 2026 03:03

Red Hat directs users to security page for CopyFail vulnerability

April 13, 2026 10:46

Developer releases VRAM fix for AMD GPUs on Linux

此网站使用 cookie

我们使用 cookie 进行分析以改进我们的网站。阅读我们的 隐私政策 以获取更多信息。
拒绝