{"id":3887,"date":"2026-05-09T04:29:12","date_gmt":"2026-05-09T01:29:12","guid":{"rendered":"https:\/\/biyer.com.tr\/?p=3887"},"modified":"2026-05-09T04:29:12","modified_gmt":"2026-05-09T01:29:12","slug":"dirty-frag-yet-another-universal-linux-kernel-privilege-escalation-vulnerability-active-since-2017-u","status":"publish","type":"post","link":"https:\/\/biyer.com.tr\/?p=3887","title":{"rendered":"Dirty Frag: Yet Another Universal Linux Kernel Privilege Escalation Vulnerability Active Since 2017, Unaffected By &#8220;Copy Fail&#8221; Mitigations"},"content":{"rendered":"<p><!-- SC_OFF --><\/p>\n<div class=\"md\">\n<p>Here we go again&#8230;<\/p>\n<p>Another Linux kernel privilege escalation vulnerability like &quot;Copy Fail&quot; that allows escalation to root reliably on all major Linux distros since 2017. This time it doesn&#039;t rely on the <code>algif_aead<\/code> kernel module, so it works even if you have a kernel with the Copy Fail mitigations.<\/p>\n<p>This one&#039;s also a true zero day in that at the time of announcement, no fixes have been made upstream. The embargo on public disclosure was broken when an unrelated third party revealed the details and it seems like it was being exploited in the wild forcing everyone to step outside the coordinated disclosure timeline and announce this.<\/p>\n<p>There is one silver lining: this one requires the <code>CAP_NET_ADMIN<\/code> capability, which is less likely in hardened container environments, e.g. K8s with default seccomp profiles.<\/p>\n<\/p><\/div>\n<p><!-- SC_ON --> &#032; submitted by &#032; <a href=\"https:\/\/www.reddit.com\/user\/CircumspectCapybara\"> \/u\/CircumspectCapybara <\/a> <br \/> <span><a href=\"https:\/\/www.wiz.io\/blog\/dirty-frag-linux-kernel-local-privilege-escalation-via-esp-and-rxrpc\">[link]<\/a><\/span> &#032; <span><a href=\"https:\/\/www.reddit.com\/r\/programming\/comments\/1t7nej7\/dirty_frag_yet_another_universal_linux_kernel\/\">[comments]<\/a><\/span><\/p>\n<p><a href=\"https:\/\/www.reddit.com\/r\/programming\/comments\/1t7nej7\/dirty_frag_yet_another_universal_linux_kernel\/\" target=\"_blank\">Orijinal Kayna\u011fa Git<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Here we go again&#8230; Another Linux kernel privilege escalation vulnerability like &quot;Copy Fail&quot; that allows escalation to root reliably on all major Linux distros since 2017. This time it doesn&#039;t rely on the algif_aead kernel module, so it works even if you have a kernel with the Copy Fail mitigations. This one&#039;s also a true [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3887","post","type-post","status-publish","format-standard","hentry","category-genel"],"_links":{"self":[{"href":"https:\/\/biyer.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/3887","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/biyer.com.tr\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/biyer.com.tr\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/biyer.com.tr\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/biyer.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3887"}],"version-history":[{"count":1,"href":"https:\/\/biyer.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/3887\/revisions"}],"predecessor-version":[{"id":3888,"href":"https:\/\/biyer.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/3887\/revisions\/3888"}],"wp:attachment":[{"href":"https:\/\/biyer.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3887"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/biyer.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3887"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/biyer.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3887"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}