- GitHub - V4bel dirtyfrag
Contribute to V4bel dirtyfrag development by creating an account on GitHub
- 技術解析 : Linux 核心爆發 DirtyFrag 提權漏洞,建議立刻盤點企業主機 – CyberQ 賽博客
什麼是「DirtyFrag」? 從 V4bel 釋出的報告與漏洞命名來看,「DirtyFrag」延續了過去「Dirty」家族(如 Dirty COW, Dirty Pipe, DirtyCred)的高危險提權特性。 名稱中的 Frag 直指該漏洞的核心成因與核心處理碎片化(Fragmentation)機制時的邏輯缺陷有關。
- Linux 内核现严重本地提权漏洞,全主流发行版暂无补丁
一名安全研究人员本周公开披露了一个被命名为”DirtyFrag”的Linux内核本地权限提升漏洞。该漏洞允许普通用户无需密码即可获得系统最高权限(root),且目前Ubuntu、RHEL、Fedora、openSUSE等全部主流发行版均尚无可用补丁。该漏洞由韩国安全研究员HyunwooKim(网名@v4bel)发现
- Dirty Frag漏洞链曝光:几乎影响所有主流Linux发行版 - 网易
IT之家 5 月 8 日消息,科技媒体 cyberkendra 昨日(5 月 7 日)发布博文,就在 Copy Fail 高危漏洞曝光后没几天,又一个重磅 Linux 内核漏洞链 Dirty Frag 被披露,几乎影响所有主流 Linux 发行版。 该漏洞链由韩国安全研究员 Hyunwoo Kim
- Dirty Frag: a zero-day universal Linux LPE - lwn. net
Dirty Frag: a zero-day universal Linux LPE Hyunwoo Kim has announced the Dirty Frag security flaw, a local-privilege-escalation (LPE) vulnerability similar to the recently disclosed Copy Fail flaw: Because the embargo has now been broken, no patches or CVEs exist for these vulnerabilities
- oss-security - Dirty Frag: Universal Linux LPE
Cc: imv4bel@ il com Subject: Dirty Frag: Universal Linux LPE Hi, This is a report on "Dirty Frag", a universal LPE that allows obtaining root privileges on all major distributions This vulnerability has a similar impact to the previous Copy Fail Because the embargo has now been broken, no patches or CVEs exist for these vulnerabilities
- Dirty Frag Vulnerability Made Public Early: Root Privilege On All . . .
Dirty Frag allows local users to elevate to root on all major distributions Linux distributions aren't yet patched though there is a workaround for those interested, but for the immediate future it means root privilege escalaton on all major distributions
- Dirty Frag — No Patch, No Warning — Root Access on Every Major Linux . . .
Dirty Frag chains two Linux kernel bugs to deliver guaranteed root on Ubuntu, RHEL, Fedora, and more — with no patch available and the embargo already
|