23pds (ๅฑฑๅฅ)
@im23pds
Dad/@SlowMist_Team Partner&CISO/#Web3# Security Researcher/RedTeam/Pentester/Aiๅฎๅ
จ็ไบบ #bitcoin#
๊ฐ์
June 2014
6K ํ๋ก์ ์ค 15.2K ํฌ
Great Vuln!๐
๐ฅ Introducing "Dirty Frag"
A universal Linux LPE chaining two vulns in xfrm-ESP and RxRPC. A successor class to Dirty Pipe & Copy Fail.
No race, no panic on failure, fully deterministic. ~9 years latent.
Ubuntu / RHEL / Fedora / openSUSE / CentOS / AlmaLinux, and more.
Even if you've applied the "Copy Fail" mitigation, your Linux is still vulnerable to "Dirty Frag". Apply the Dirty Frag mitigation.
Details:
๋ ๋ณด๊ธฐ
