Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <5098645.GXAFRqVoOG@daniel-desktop3>
Date: Fri, 08 May 2026 00:19:33 -0400
From: Daniel Tang <danielzgtg.opensource@...il.com>
To: oss-security@...ts.openwall.com
Subject: Re: Dirty Frag: Universal Linux LPE

> no patches [...] exist

Please say whether or not the following patchset is sufficient to
fix the dirty flag vulnerability:

* https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=f4c50a4034e62ab75f1d5cdd191dd5f9c77fdff4
* https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=cac2661c53f3
* https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=03e2a30f6a27
* https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7da0dde68486
* https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=6d8192bd69bb
* https://lore.kernel.org/all/afKV2zGR6rrelPC7@v4bel/

Additionally, at
https://bugs.launchpad.net/ubuntu/+source/kmod/+bug/2151831 , I
additionally suggested disabling modules xfrm_interface and xfrm_user
worried about the commit message of the first kernel patch. This is a
combination of Hyunwoo Kim and SiCk's strategies. Is this mix
necessary for the mitigation?

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.