https://github.com/V4bel/dirtyfragAdmin-kun get ready for patch Friday
>>108775336lincels on suicide watch
>>108775336>Due to external factors, the embargo has been broken, so no patch exists for any distribution.Get ready for "disable modules workaround" Friday
>>108775385ubuntu servers are always ddosed so i can't update even if i wanted to
>>108775336can people stop giving their LPEs clever names? your dime a dozen exploit isn't name worthy.
>>108775336>Exploit doesn't work on FreeBSDGreat
>>108775336>on Ubuntu, the rxrpc.ko module is loaded by defaultOnce again the hack works because software you don't need is loaded by default. Gentoo chads, we win again.
>>108775336I'm using podman so I'm fine.
>>108775336we use IPsec so we're fucked :D
another 100% theoretical vulnerability with no real world usecase?it's finally over Linux bros
>>108777523You have to explicitly blacklist them otherwise you are affected you turdmongler.
>>108777593The required modules are not compiled at all if you cared to debloat your kernel (if you install gentoo, chances are you did)
>>108777599Would be a shame if the official handbook would recommend distribution kernels that are in fact affected...So i have to take manual steps like on ANY other distro to "prevent" the exploit. But hey i saved a few KB of disk space not including these modules. Hurr durr can't stop winning gentoo chads.
Im not starting my computer today.
>>108775336>exploit doesn't work on gentoo custom kernel
>>108777577It's a threat to servers and especially shared computing environments (eg 'supercomputers'). The linux systems thay actually matter, not your basement pornplayer.
>>108777633modules get loaded into ram and when the code runs it consumes the cpu cycleyou turbo troglodyte
>>108775336I'm on CachyOS, just updated and restarted a few hours ago, doesn't seem to work on my system?
>>108775336höhöhö no weekend for the kernel maintainers
>This Dirty Frag has been tested on the following distribution versions.>...you fucking faggots, at least list all the distros you tested, fucking ai slop faggots
anotha one https://github.com/0xdeadbeefnetwork/Copy_Fail2-Electric_Boogaloo
>>108778290>>exploit doesn't work on gentoo custom kernelGreat
>>108778789dead beef dead beef DE AD BE EF
>>108775336>another LPEIt's fucking nothing.If you aren't allowing untrusted users to run code on your system, then none of these vulnerabilities affect you beyond a general "I guess if your system is already pwned, this could make their lateral movement easier".If you ARE doing that then you need to do it in a VM, because containers are not security boundaries and they never were.
