Hyunwoo Kim has publicly disclosed Dirty Frag, a zero-day local privilege escalation (LPE) vulnerability affecting all major Linux distributions. Similar to the recently disclosed Copy Fail flaw, it allows immediate root privilege escalation. The disclosure was forced early after an embargo break, meaning no patches or CVEs currently exist. Kim has released exploit code, a script to remove vulnerable modules, and a full write-up including the disclosure timeline.
1 Comment
Sort: