cancel
Showing results for 
Search instead for 
Did you mean: 
SamPirok
Community Manager Community Manager
Community Manager

Summary

The “Dirty Frag” vulnerability is a local privilege escalation (LPE) issue in the Linux kernel that combines flaws in the ESP/XFRM and RXRPC subsystems to allow an unprivileged local attacker to gain root access on major Linux distributions (using any of these two: ESP/XFRM or RXRPC flaws). The attack abuses kernel page-cache manipulation and network protocol handling to overwrite privileged binaries and execute arbitrary code with elevated privileges. Exploitation differs by distribution: the ESP issue affects systems permitting unprivileged user namespaces, while the RXRPC issue impacts distributions with RXRPC enabled, such as Ubuntu. Together, the vulnerabilities provide broad cross-distribution root compromise capability, with mitigations involving disabling vulnerable kernel modules (esp4, esp6, and rxrpc) until upstream patches are fully merged and deployed.

Products not listed in the Impact Details section have not been evaluated.  Furthermore, products that have exceeded any software maintenance time periods are also not evaluated and will not be published.  Please consult End of Sale and End of Service Life - Extreme Networks for the EOL notices related to the product under question.

 

Products Potentially Affected

OS/Product

Exposure

TPVM (EXOS, VOSS)

Yes

TPVM (SLX-OS, OS ONE)

Yes

 

Repair Recommendations

TPVM (EXOS, VOSS):

  • Fixed in 32.7.4.15 or later.

TPVM (SLX-OS, OS ONE):

  • Fixed in 4.7.17 or later.

 

Please see the full security advisory article here for more details and future updates. 

 

GTM-P2G8KFN