V12 Security Discloses Fragnesia Linux Privilege Escalation, With 2-Line Kernel Patch Still Unmerged
Updated · Phoronix · May 13
Fragnesia was publicly disclosed on the oss-security mailing list as a new Linux local privilege escalation flaw, and proof-of-concept exploit code is already available.
A logic bug in Linux's ESP/XFRM code lets attackers perform arbitrary byte writes into the kernel page cache of read-only files, placing the bug in the same class as Dirty Frag.
A 2-line fix in skbuff.c has been proposed, but it had not been mainlined or included in any mainline kernel release at the time of disclosure.
The flaw affects the XFRM ESP-in-TCP path and can let unprivileged users modify read-only file contents to gain root privileges; disabling vulnerable modules is a temporary mitigation until vendor patches land.