[Bug 2151831] Re: Dirty Frag LPE security vulnerability

@mhalano The rxrpc fix is yet to be merged into mainline On the other hand, I wasn't able to use `./exp` to escalate from "ubuntu" to root in my ubuntu:26.04 Docker container. That's a relief. My `unshare` and `setpriv --no-new-privs` sandbox also prevented root access, but `su` stopped asking for a password even when run outside the sandbox, so I worry whether the exploit can corrupt a running process's memory. -- You received this bug notification because you are subscribed to linux in Ubuntu. Matching subscriptions: Bgg, Bmail, Nb https://bugs.launchpad.net/bugs/2151831 Title: Dirty Frag LPE security vulnerability Status in kmod package in Ubuntu: Invalid Status in linux package in Ubuntu: Confirmed Bug description: The dirty frag vulnerability is like the copy.fail vulnerability. See: * https://www.openwall.com/lists/oss-security/2026/05/07/8 * https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md * https://askubuntu.com/q/1566558/1004020 kmod should mitigate this via `install ... /bin/false` like done for copy.fail. linux-* should receive a full patch once that's available. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/kmod/+bug/2151831/+subscriptions