Fragnesia Made Public as Latest Linux Local Privilege Escalation Vulnerability (phoronix.com) 44 points by mikece 2mo ago ↗ HN
[–] bestouff 2mo ago ↗ Lots of privilege escalations these days. But are there that many multiuser Linux systems nowadays ? I'm under the impression the whole landscape is either servers or single-user desktops (and ofc Android phones).
[–] itintheory 2mo ago ↗ Sounds like this one is in the same kernel modules as dirtyfrag, so the existing mitigations (if in place) are sufficient.
[–] nubinetwork 2mo ago ↗ At what point do we all start rolling our own microkernels? This is kind of getting silly now... 4 now in the past month?
[–] TMWNN 2mo ago ↗ UnRAID has released two point upgrades in the past two weeks because the previous AI-found vulnerabilities. Here we go again!
[–] gnufx 2mo ago ↗ The primary source, which says keep the dirtyfrag mitigations in place, is https://github.com/v12-security/pocs/tree/main/fragnesia
5 comments
[ 3.5 ms ] story [ 16.3 ms ] thread