208
That article doesn't tell me much. Any writeup with the affected code?
Edit: found it
https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md
Non Tom's slopware original:
https://github.com/V4bel/dirtyfrag
Also nice lies and panic spreading by them:
that's currently setting the Linux server world on fire
The vulnerability requires local user access to the affected system which is already a gigantic security hole if that's the case on a server...
It's a big problem for multi-user servers where some users aren't supposed to have root access. For example, my university has several student-accessible servers, and they all seem to be currently vulnerable to the exploit. A malicious student could cause quite a lot of damage.
Not sure why one would use a multi-(Linux)-user server nowadays. Everything runs either via network (e.g. WebDav) or there are dedicated, isolated VMs on that server for exactly the above stated reason.
No patches available!
Literally a mitigation section on the page.
"No patches available" might've been true at time of writing (and might still be true for old kernels, idk), but kernel 7.0.4, released yesterday, is already fixed.
What is the exploit case? It says it's IPsec stuff?
Is it therefore remotely exploitable, or does it need a local user?
Are routers at risk?
"any local user can instantly get root (administrator) access on an affected box, just by running a small program" quote from the short article. So it seems home computers are safe.
I thought that was refering to copyfail?
It's gotta be local.
Why does Microsoft keep funding all these Linux exploits?
Where does it say in the article?
Even if it's true, wouldn't it be a good thing, since it probably wouldn't be found otherwise?
Short answer, nothing. Long answer, Mcafee, Norton, Kaspersky, etc. all have divisions devoted to creating viruses to keep the rest of the company profitable. Microslop has been increasingly desperate recently as they hemorrhage users. They have always been a deeply dishonest company dating back to the 90's and IP theft over GUI. I suspect they might be behind the recent push to scare the public of "the dangers" of open source and think of the kids I.D. checks.
To everyone who isn’t wrapping themselves in aluminum, these companies don’t have teams writing viruses. This has been regurgitated around since the 90s and it’s hilariously false.
"divisions devoted to creating viruses"
any source on this?
see now when the jews invented capitalism with the catholics and were supressing mans natural instinct for communal living
ummm ummm
you know it all started there
we just need to go back to hegel and marx and that and lenin too
ok bye
Because they want to discourage users and governments from switching to Linux
NICE! Linux has made it everyone!
Also local, right?
This and the others will probably be fixed as fast as usual, and the NSA, the CIA, and their Chinese, Russian, and whatever counterparts will have one less exploit in their arsenals.
People don't realize how easy it is to get local access.
There's a very good reason you should not run your browser as root.
this post was submitted on 08 May 2026
208 points (100.0% liked)
PC Master Race
21260 readers
5 users here now
A community for PC Master Race.
Rules:
- No bigotry: Including racism, sexism, homophobia, transphobia, or xenophobia. Code of Conduct.
- Be respectful. Everyone should feel welcome here.
- No NSFW content.
- No Ads / Spamming.
- Be thoughtful and helpful: especially when new beginners have questions.
founded 3 years ago
MODERATORS