@wdormann misunderstanding 
I meant if dirty frag >patch< works for fragnesia
A
awkwardturing@infosec.exchange
@awkwardturing@infosec.exchange
Posts
-
The 3 recent Linux LPEs are sort of interesting in that each one took a different path from discovery to disclosure. -
The 3 recent Linux LPEs are sort of interesting in that each one took a different path from discovery to disclosure.@wdormann from GitHub: "This is a separate bug in the ESP/XFRM from dirtyfrag which has received its own patch. However, it is in the same surface and the mitigation is the same as for dirtyfrag."
Curious phrasing. Does that mean the patch (not: the mitigation) will work for this as well or no?
-
Pack2TheRoot: Cross-Distro LPECVE: pendingCVSS3: 8.8 -
Pack2TheRoot: Cross-Distro LPECVE: pendingCVSS3: 8.8Pack2TheRoot: Cross-Distro LPE
CVE: pending
CVSS3: 8.8
Pack2TheRoot (CVE-2026-41651): Cross-Distro Local Privilege Escalation Vulnerability
Pack2TheRoot (CVE-2026-41651) is a local privilege escalation (LPE) vulnerability that affects multiple Linux distributions in default installations.
Telekom Security (github.security.telekom.com)
-
Not in the article but the login for the breached account was in an infostealer dump, the engineer installed a Robolox mod his home PC.. which he also used for work.@GossiTheDog "got further access through their enumeration"
Ha!