Fragnesia Made Public as Latest Linux Local Privilege Escalation Vulnerability
2 hours ago
- #Linux
- #Vulnerability
- #Security
- Fragnesia is disclosed as a local privilege escalation vulnerability in the Linux kernel, similar to the recent Dirty Frag vulnerability.
- The vulnerability involves a logic bug in the ESP/XFRM code, enabling arbitrary byte writes to the kernel page cache of read-only files.
- A proof-of-concept exploit is available, and a two-line patch in skbuff.c has been proposed but not yet integrated into mainline kernel releases.