LWN.net featured content

Yet another Dirty Frag type vulnerability: Fragnesia (opens in new tab)

Covers 2 stories See all stories this covers including pocs/fragnesia at mainCovered by kite.kagi.com

Sam James has sent an announcement to the OSS Security mailing list about another local-privilege-escalation (LPE) exploit in the same class as Dirty Frag, called "Fragnesia". From the disclosure: This is a separate bug in the ESP/XFRM from dirtyfrag which has received its own patch. However, it is in the same surface and the mitigation is the same as for dirtyfrag. It abuses a logic bug in the Linux XFRM ESP-in-TCP subsystem to achieve arbitrary byte writes into the kernel page cache of read...

Read the original article
Sign in to keep reading the full article.
Sign UpLog In

Covered in 3 articles

kite.kagi.com·

Fragnesia Linux flaw gives local attackers root access

Feeds
kite.kagi.com·

Researchers disclose Fragnesia Linux root-escalation flaw

Feeds
kite.kagi.com·

Linux kernel Fragnesia flaw enables root escalation

Feeds

Keyboard Shortcuts

Navigation

Next / previous post
j/k
Open post
oorEnter
Preview post
v

Post Actions

Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Save / unsave
s

Recommendations

Add interest / feed
Enter
Not interested
x

Go to

Home
gh
Interests
gi
Feeds
gf
Likes
gl
History
gy
Changelog
gc
Settings
gs
Discover
gb
Search
/

General

Show this help
?
Submit feedback
!
Close modal / unfocus
Esc

Press ? anytime to show this help