Patch [FIX] Tuesday – [Emergency Episode: DirtyFrag Exploit Before Patch], Ep. 31

Patch [FIX] Tuesday – [Emergency Episode: DirtyFrag Exploit Before Patch], Ep. 31

Breaking from the normal Patch Tuesday cadence for an emergency drop. On May 7, security researcher Hyunwoo Kim published a working proof-of-concept for DirtyFrag - a Linux kernel local privilege escalation chain that gets unprivileged users to root on every major distribution. The embargo was broken by a third party before distribution backports were ready, so the exploit is public and the patch is not.

CTO Jason Kikta and Landon Miles walk through what makes DirtyFrag different from the Copy Fail mitigation many teams already deployed (spoiler: the CopyFail mitigation does NOT cover this), why AWS is calling it a class rather than a single CVE, and the five kernel modules you need to block right now: esp4, esp6, ipcomp4, ipcomp6, and rxrpc.

In this episode:

  • Why the embargo break matters and what changed on May 7
  • How DirtyFrag chains CVE-2026-43284 and CVE-2026-43500 to defeat both Ubuntu's namespace policy and the absence of rxrpc.ko on other distros
  • Why this is the third generation of a bug class (DirtyPipe → Copy Fail → DirtyFrag) and what that means for what comes next
  • The Automox Worklet that mitigates both arms across your Linux fleet, and what it deliberately does not do
  • Tested affected platforms: Ubuntu 24.04, RHEL 10.1, AlmaLinux 10, CentOS Stream 10, openSUSE Tumbleweed, Fedora 44

Back to the regular Patch Tuesday schedule next week.

Links:

Tämä jakso on lisätty Podme-palveluun avoimen RSS-syötteen kautta eikä se ole Podmen omaa tuotantoa. Siksi jakso saattaa sisältää mainontaa.

Jaksot(224)

Patch [FIX] Tuesday – [The 570-CVE Month], Ep. 34

Patch [FIX] Tuesday – [The 570-CVE Month], Ep. 34

570 vulnerabilities. That's July's Patch Tuesday count, nearly triple last month and a record by a wide margin. Jason Kikta is joined by host Landon Miles and offensive-security researcher Serena DiPe...

14 Heinä 29min

 Executive IT – What IT hiring actually looks like when AI does the work, E07

Executive IT – What IT hiring actually looks like when AI does the work, E07

Eighteen months after the Hands-On IT podcast tackled the state of IT careers, Chelsea Rickey, SVP of Human Resources at Automox, comes back to the conversation to assess what held up, what changed, a...

1 Heinä 15min

Product Talk – CISA's BOD 26-04 Directive Explained, E26

Product Talk – CISA's BOD 26-04 Directive Explained, E26

CISA's BOD 26-04 replaces severity-based patching with an exploit-evidence model and remediation clocks as short as three days, fleet-wide, no exceptions. Peter Pflaster and Jason Kikta unpack the fou...

11 Kesä 27min

Patch [FIX] Tuesday – [Nothing Weaponized, Everything Exposed], E33

Patch [FIX] Tuesday – [Nothing Weaponized, Everything Exposed], E33

June 2026 has no headliner. Instead of one critical bug, the release spreads thin across the kernel, the network stack, a code editor, an AI assistant, a bootloader, and a nine-year-old Linux root bug...

9 Kesä 23min

Patch [FIX] Tuesday – [AI Hits the Hat Trick], Ep. 32

Patch [FIX] Tuesday – [AI Hits the Hat Trick], Ep. 32

The May 2026 Microsoft Patch Tuesday release looks quiet on the surface – no actively exploited zero-days, no public disclosures at release, and a CVE count below the four-month average. Don't let tha...

12 Touko 34min

Autonomous IT, Live! The Math of Modern Attacks, E07

Autonomous IT, Live! The Math of Modern Attacks, E07

In this episode of Autonomous IT, Live!, we break down the widening gap between exploitation speed and remediation reality. Disclosed vulnerabilities keep climbing, exploitation windows keep shrinking...

28 Huhti 33min

Secure IT – Claude Mythos: AI Vulnerability Hype vs. Evidence, E23

Secure IT – Claude Mythos: AI Vulnerability Hype vs. Evidence, E23

Claude Mythos dominated the AI security conversation for two weeks straight, from the Cloud Security Alliance's strategy briefing to sharp public skepticism to yesterday's Bloomberg report that unauth...

23 Huhti 7min

Suosittua kategoriassa Politiikka ja uutiset

aikalisa
uutiscast
ootsa-kuullut-tasta-2
rss-ootsa-kuullut-tasta
rss-vaalirankkurit-podcast
rss-podme-livebox
rss-seksicast
otetaan-yhdet
tervo-halme
aihe
politiikan-puskaradio
linda-maria
et-sa-noin-voi-sanoo-esittaa
rss-girls-finish-f1rst
viela-yksi-sivu
the-ulkopolitist
mtv-uutiset-polloraati
rss-kovin-paikka
rss-sveriges-radio-finska
rss-raha-talous-ja-politiikka