Dirtyfrag: A New Linux Vulnerability
- Dirtyfrag is a universal Linux LPE vulnerability.
- The vulnerability is similar to Copy Fail in root cause and exploitation.
- No patches or CVEs exist for these vulnerabilities.
The Buzz Score
The Internet’s Verdict: 70% Hyped, 30% Skeptical
Vulnerability Details
Dirtyfrag is a Linux vulnerability that allows for local privilege escalation. The vulnerability is similar to Copy Fail, but it can be triggered regardless of whether the algif_aead module is available.
This is very similar in root cause and exploitation to Copy Fail, which illustrates pretty well something that’s lost when relying heavily on LLMs to do work for you: exploration.
The researcher who discovered Copy Fail relied heavily on AI after noticing something fishy. Had he needed to wade through the code manually, he would have had many more chances to spot these twin bugs.
Mitigation
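A possible mitigation is to remove the modules in which the vulnerabilities occur. The following command, run as root, writes modprobe rules that make any attempt to load esp4, esp6, or rxrpc fail, then unloads those modules if they are currently loaded: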
sh -c "printf 'install esp4 /bin/false
install esp6 /bin/false
install rxrpc /bin/false
' > /etc/modprobe.d/dirtyfrag.conf; rmmod esp4 esp6 rxrpc 2>/dev/null; true"
Because the responsible disclosure schedule and the embargo have been broken, no patch exists for any distribution.
It is also suggested to run the following command after the above on already-exploited machines:
sudo sh -c 'echo 3 > /proc/sys/vm/drop_caches'
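One way to verify that the module mitigation above actually took effect, as an added example that is not part of the original page: a POSIX shell audit that reports, for each of the three modules, whether it is still loaded and whether an install rule blocks it. The function names, the DIRTYFRAG_MODULES variable, and the sample files are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit whether the esp4/esp6/rxrpc mitigation is in effect.
# Limits: only one modprobe.d directory is read, and a module built into the
# kernel never shows up in /proc/modules and is unaffected by install rules.
DIRTYFRAG_MODULES="esp4 esp6 rxrpc"

# is_loaded MODULE PROC_MODULES_FILE: succeeds if the module is loaded now.
is_loaded() {
    awk -v m="$1" '$1 == m { found = 1 } END { exit !found }' "$2"
}

# is_blocked MODULE MODPROBE_DIR: succeeds if an uncommented
# "install MODULE /bin/false" (or /bin/true) rule exists in DIR/*.conf.
is_blocked() {
    cat "$2"/*.conf 2>/dev/null | awk -v m="$1" '
        $1 == "install" && $2 == m && ($3 == "/bin/false" || $3 == "/bin/true") { found = 1 }
        END { exit !found }'
}

# dirtyfrag_audit [MODPROBE_DIR] [PROC_MODULES_FILE]
# Prints "<module> <loaded|unloaded> <blocked|loadable>" per module and
# returns 1 if any module is still loaded or can still be loaded.
dirtyfrag_audit() {
    dir=${1:-/etc/modprobe.d}
    procmods=${2:-/proc/modules}
    rc=0
    for m in $DIRTYFRAG_MODULES; do
        if is_loaded "$m" "$procmods"; then state=loaded; rc=1; else state=unloaded; fi
        if is_blocked "$m" "$dir"; then rule=blocked; else rule=loadable; rc=1; fi
        echo "$m $state $rule"
    done
    return "$rc"
}

# Constructed sample input: esp4 and esp6 are handled, but the rxrpc rule is
# commented out and rxrpc is still loaded.
demo=$(mktemp -d)
printf 'install esp4 /bin/false\ninstall esp6 /bin/false\n# install rxrpc /bin/false\n' \
    > "$demo/dirtyfrag.conf"
printf 'rxrpc 200704 0 - Live 0x0000000000000000\nip_tables 32768 0 - Live 0x0000000000000000\n' \
    > "$demo/modules"
dirtyfrag_audit "$demo" "$demo/modules" || echo "mitigation incomplete"
```

On a live system, call `dirtyfrag_audit` with no arguments to read /etc/modprobe.d and /proc/modules.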