this post was submitted on 07 May 2026

195 points (98.0% liked)

Linux

65230 readers

927 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 7 years ago

MODERATORS

nooter692@lemmy.ml

AgreeableLandscape@lemmy.ml

MarcellusDrum@lemmy.ml

cypherpunks@lemmy.ml

cyclohexane@lemmy.ml

d3Xt3r@lemmy.nz

195

Dirty Frag: Universal Linux LPE - allows any unprivileged local user to gain root access on a vulnerable Linux system - no patch available (github.com)

submitted 1 week ago by rabber@lemmy.ca to c/linux@lemmy.ml

77 comments fedilink hide all child comments

top 50 comments

sorted by: hot top controversial new old

[–] Damage@feddit.it 45 points 6 days ago (2 children)

Ok this is the first time I try one of these exploits and it works on my system, I'm currently very spooked.

On the other hand, this may allow me to root my LG WebOS TV?

[–] belated_frog_pants@beehaw.org 4 points 6 days ago

Now that i Didn't consider

[–] alexquiniou@lemmy.zip 2 points 6 days ago

Nice, you could change the os

[–] Ooops@feddit.org 12 points 6 days ago* (last edited 6 days ago) (1 children)

Update: Kernel 7.0.5 just released

Fixes: cac2661c53f3 ("esp4: Avoid skb_cow_data whenever possible")

Fixes: 03e2a30f6a27 ("esp6: Avoid skb_cow_data whenever possible")

Fixes: 7da0dde68486 ("ip, udp: Support MSG_SPLICE_PAGES")

Fixes: 6d8192bd69bb ("ip6, udp6: Support MSG_SPLICE_PAGES")

[–] cypherpunks@lemmy.ml 2 points 4 days ago

that kernel release (which most distros have still not shipped yet) fixes only one of the two vulnerabilities (CVE-2026-43284); afaik even upstream still doesn't have a patch for the second one (CVE-2026-43500) at this time.

(for people relying on Linux privilege separation, here are mitigation instructions.)

[–] mecen@lemmy.ca 8 points 6 days ago* (last edited 6 days ago)

It was patched in almalinux though, and it was how this exploit got exposed before disclosure.

At lest this is what I read

[–] Everyday0764@lemmy.zip 3 points 6 days ago

I tried on nixos and did not work, but maybe the paths needs adjustments

[–] Bronstein_Tardigrade@lemmygrad.ml -4 points 6 days ago (1 children)

Funny that just after Microsoft commits suicide with Winders 11, Linux "exploits" start popping up like Whack-A-Moles. Makes one wonder if they were inserted by MS engineers.

[–] flying_sheep@lemmy.ml 12 points 6 days ago

Nah, people just started using LLM assisted vuln discovery workflows and having early successes with them.

There will be diminishing returns.

load more comments