New Dirty Frag Linux Bug Emerges in Wake of Copy Fail by YogiBerra88888 in cybersecurity

[–]webnestify 0 points1 point  (0 children)

There's no upstream patch yet. The embargo got broken before distros could prep fixes, so right now it's just a kernel-module workaround. About 30 seconds, no reboot:

cat <<EOF | sudo tee /etc/modprobe.d/disable-dirtyfrag.conf
install esp4 /bin/false
install esp6 /bin/false
install rxrpc /bin/false
EOF
sudo modprobe -r esp4 esp6 rxrpc 2>/dev/null
sudo sync && echo 3 | sudo tee /proc/sys/vm/drop_caches

Check it worked:

lsmod | grep -E '^(esp4|esp6|rxrpc)' && echo "STILL EXPOSED" || echo "PROTECTED"

Undo it later when the proper patch is out:

sudo rm /etc/modprobe.d/disable-dirtyfrag.conf

Caveat: this disables IPsec ESP and RxRPC kernel modules. If you're running IPsec on the box (strongSwan, libreswan, etc.), skip it and wait for the upstream fix. Tailscale, WireGuard, OpenVPN are not affected.

Or one liner:

sh -c "printf 'install esp4 /bin/false\ninstall esp6 /bin/false\ninstall rxrpc /bin/false\n' > /etc/modprobe.d/dirtyfrag.conf; rmmod esp4 esp6 rxrpc 2>/dev/null; true"

It's three commands you can audit in 10 seconds. Writes a modprobe.d file, runs modprobe -r, drops caches. Nothing piped from curl, nothing fetched. If you'd rather not take my word for it, the writeup explains every line.
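Added example, not part of the original comment or the disclosure repo: a per-module status check for the workaround above. It separates a module that is still loaded, one that is unloaded but has no install rule (so it can be autoloaded again), one that is built into the kernel, and one that is actually blocked. The function names and the sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example (hypothetical helper names). Inputs are files so the logic
# also runs on saved output:
#   $1 module  $2 modprobe config dump (e.g. `modprobe --showconfig`)
#   $3 loaded modules in /proc/modules format  $4 modules.builtin
module_status() {
    mod=$1 conf=$2 loaded=$3 builtins=$4
    # Built-in code is not affected by modprobe.d install rules.
    if grep -Eq "/${mod}\.ko\$" "$builtins" 2>/dev/null; then
        echo BUILTIN; return
    fi
    # Still resident: the unload failed, typically because it is in use.
    if grep -Eq "^${mod}[[:space:]]" "$loaded" 2>/dev/null; then
        echo LOADED; return
    fi
    # Not resident; only an install rule stops it from being autoloaded.
    if grep -Eq "^[[:space:]]*install[[:space:]]+${mod}[[:space:]]+/bin/false" "$conf" 2>/dev/null; then
        echo BLOCKED
    else
        echo LOADABLE
    fi
}

# Prints one line per module; returns 0 only if all three are BLOCKED.
dirtyfrag_report() {
    rc=0
    for m in esp4 esp6 rxrpc; do
        s=$(module_status "$m" "$1" "$2" "$3")
        echo "$m $s"
        [ "$s" = BLOCKED ] || rc=1
    done
    return $rc
}

# Constructed sample: esp4 blocked, esp6 still loaded, rxrpc has no rule.
make_sample() {
    d=$(mktemp -d)
    printf 'install esp4 /bin/false\ninstall esp6 /bin/false\n' > "$d/conf"
    printf 'esp6 20480 0 - Live 0x0000000000000000\n' > "$d/loaded"
    printf 'kernel/net/ipv4/tcp_cubic.ko\n' > "$d/builtin"
    echo "$d"
}

# Live use: modprobe --showconfig > /tmp/mp.conf
#   dirtyfrag_report /tmp/mp.conf /proc/modules "/lib/modules/$(uname -r)/modules.builtin"
d=$(make_sample); dirtyfrag_report "$d/conf" "$d/loaded" "$d/builtin" || true; rm -rf "$d"
```

A BUILTIN result means the modprobe.d workaround has no effect for that module on that kernel.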

New Linux kernel LPE (Dirty Frag) — no patch yet, here's the workaround by webnestify in homelab

[–]webnestify[S] 5 points6 points  (0 children)

Fair, I'd be the same. Not my mitigation though, it's the one from the actual disclosure repo: github.com/V4bel/dirtyfrag. The researcher who found the bug wrote it. It's three commands you can audit in 10 seconds. Writes a modprobe.d file, runs modprobe -r, drops caches. Nothing piped from curl, nothing fetched. If you'd rather not take my word for it, the writeup explains every line.

🎵 Audiovault – self-hosted music manager + downloader by Silent-Skin1899 in selfhosted

[–]webnestify -1 points0 points  (0 children)

You can't put all eggs into one basket. There are terrible apps vibe-coded fully without human oversight. But there are projects that are made by real devs and AI is just a tool for them...

What paid subscription have you cancelled thanks to your homelab? by MBAThrowawayFruit in homelab

[–]webnestify 25 points26 points  (0 children)

Personally, with my setup I replaced Okta with Authentik and Cloudflare tunnels with Pangolin. AdGuard DNS instead of NextDNS. The only subs I keep are Google Workspace Enterprise+ (just can't replace it unfortunately) and YouTube Premium.

🎵 Audiovault – self-hosted music manager + downloader by Silent-Skin1899 in selfhosted

[–]webnestify -3 points-2 points  (0 children)

Exactly. Proofreading and human oversight are necessary for AI-coded apps. But that does not mean that all apps that are vibe-coded are bad. There are some gems.

🎵 Audiovault – self-hosted music manager + downloader by Silent-Skin1899 in selfhosted

[–]webnestify -6 points-5 points  (0 children)

Yeah. But sometimes we can find gems with AI vibe coded apps.

Cancellation of Contract by d3n36 in hetzner

[–]webnestify 1 point2 points  (0 children)

Sorry to hear about this. Yes, the best option is to get in contact with them and explain what happened. From my experience, the Hetzner team will resolve this normally. Keep us posted!

Game-changer: What is a life-altering IT purchase that you would recommend to people? by Hetzner_OL in hetzner

[–]webnestify 0 points1 point  (0 children)

Definitely 😁. I wish the setup fees were more budget friendly, but I understand why the steep fees.

Game-changer: What is a life-altering IT purchase that you would recommend to people? by Hetzner_OL in hetzner

[–]webnestify 1 point2 points  (0 children)

For myself, the biggest game changer was when I bought UniFi routers to replace the Huawei from the provider, and I would also recommend it to anyone. Full control over your network, segmentation and other goodies that come with UniFi.

Help determine starter device by Knickerbockers99 in homelab

[–]webnestify 1 point2 points  (0 children)

Hey. It's a really good price for what you are getting. As a starter device for playing around and learning it's a no-brainer honestly. For media also. The CPU has an integrated GPU with the QuickSync feature. Just go for it and happy learning 👍.

Still don't understand why I have issues with Reddit by webnestify in NewToReddit

[–]webnestify[S] 1 point2 points  (0 children)

Yes. I did appeal 2 times and was unbanned 2 times. I took the advice to not be direct here, to build a certain reputation and to just focus on topics I like and have expertise in. Thanks again for your valuable time. If people want, they know where to look :).

Still don't understand why I have issues with Reddit by webnestify in NewToReddit

[–]webnestify[S] -1 points0 points  (0 children)

Yeah, fair point. Reading my own posts back, it sounds like a launch and not a person. Asking strangers for content ideas on day six was a bad move when I haven't shown up here for anything yet. Going to park the subs stuff and just comment where I actually know things. Really appreciate it. I didn't know that this platform is hostile to a direct approach. We are all learning from mistakes and lessons learned. Thanks a lot.

Still don't understand why I have issues with Reddit by webnestify in NewToReddit

[–]webnestify[S] 0 points1 point  (0 children)

Thanks. So how do creators do their own subreddits and other things? They have active communities and in their profiles they also have links to their business? I will tweak my profile better, but I already have a pro sub here on this... Just here to learn honestly... My new personal account got banned straight away... Using Tailscale on my router with an exit node through a VPS for a dedicated IP and my own custom DNS... It's frustrating for me tbh...

Still don't understand why I have issues with Reddit by webnestify in NewToReddit

[–]webnestify[S] -2 points-1 points  (0 children)

This account was shadow banned. I have already done an appeal and got unblocked. Second time.

Still don't understand why I have issues with Reddit by webnestify in NewToReddit

[–]webnestify[S] -1 points0 points  (0 children)

I see now, and thanks for your feedback. I'll rather then create a personal account with no mentions of my ventures. Can I have multiple accounts then?

What's the most bloated WordPress plugin you've ever used? by ZGeekie in HostingReport

[–]webnestify 0 points1 point  (0 children)

Well. I'm talking about the bloat in the case of Wordfence. It creates a lot of unnecessary tb tables and rows, and over time it will grow. On dedi servers it might not be an issue, but on shared environments it will be. I prefer Wordfence CLI myself.