oss-sec mailing list archives
Re: Dirty Frag: Universal Linux LPE
From: "Bernhard R. Link" <brl+oss () mail brlink eu>
Date: Fri, 8 May 2026 08:58:29 +0200
* Hyunwoo Kim <imv4bel () gmail com> [260507 21:02]:
no patches exist for any distribution. Use the following command to remove the modules in which the vulnerabilities occur:
G ```
sh -c "printf 'install esp4 /bin/false\ninstall esp6 /bin/false\ninstall rxrpc /bin/false\n' > /etc/modprobe.d/dirtyfrag.conf; rmmod esp4 esp6 rxrpc 2>/dev/null; true" ```
It really starts to feel like there should be a design CVE for not having an only-appendable-by-root allowlist of modules to autoload... sigh...
Current thread:
- Dirty Frag: Universal Linux LPE Hyunwoo Kim (May 07)
- Re: Dirty Frag: Universal Linux LPE Sandipan Roy (May 07)
- Re: Dirty Frag: Universal Linux LPE Greg KH (May 08)
- Re: Dirty Frag: Universal Linux LPE Greg KH (May 08)
- Re: Dirty Frag: Universal Linux LPE Greg KH (May 08)
- Re: Dirty Frag: Universal Linux LPE Bernhard R. Link (May 08)
- <Possible follow-ups>
- Re: Dirty Frag: Universal Linux LPE Daniel Tang (May 07)
- Re: Re: Dirty Frag: Universal Linux LPE Kalin KOZHUHAROV (May 08)
- Re: Re: Dirty Frag: Universal Linux LPE Greg Dahlman (May 08)
- Re: Re: Dirty Frag: Universal Linux LPE Emily Shepherd (May 08)
- Re: Re: Dirty Frag: Universal Linux LPE Kalin KOZHUHAROV (May 08)
- Re: Dirty Frag: Universal Linux LPE Sandipan Roy (May 07)