M
An 18 year old memory corruption flaw in NGINX Plus and NGINX Open Source lets an unauthenticated attacker crash worker processes or execute remote code with crafted HTTP requests.
(depthfirst.com)
Anyone running nginx? Noone does that right?
and we have another one. This one with CVE.
#dirtyfrag #CVE-2026-43500
@miketango from what I can read in the discussion is that someone saw the fix in the commit and asked a LLM too build an exploit and published that.
That someone was not aware of an embargo
There seen to be a fix in commit https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=f4c50a4034e62ab75f1d5cdd191dd5f9c77fdff4
That fix made it into 7.0.5 which was released 30 mins (?) ago
https://cdn.kernel.org/pub/linux/kernel/v7.x/ChangeLog-7.0.5
https://lwn.net/Articles/1071719/
#DirtyFrag is a broken embargo.
Local Privilege Escalation to root.
Public working exploit. No CVE assigned yet.
No fix in sight.
<Edith> 7.0.5 was just released which has a fix <\Edith>
#infosec #cyber #tsunamiofvulns
This is the documentation & exploit of DirtyFrag:
https://github.com/V4bel/dirtyfrag/blob/master/README.md
