-------- Original Message --------
The threat, known as Dirty Frag, allows low-privilege users, including those using virtual machines, to gain root control of servers. Attacks are particularly suitable in shared environments, where a server is used by multiple parties. Hackers can also gain root as long as they have access to a separate exploit that gives a toehold into a machine. Exploit code was leaked online three days ago and works reliably across virtually all Linux distributions. Microsoft has said it has spotted signs that hackers are experimenting with Dirty Frag in the wild.
wayne@z840:~ $ git clone https://github.com/V4bel/dirtyfrag.git Cloning into 'dirtyfrag'... remote: Enumerting objects: 46, done. remote: Counting objects: 100% (12/12), done. remote: Compressing objects: 100% (8/8), done. remote: Total 46 (delta 5), reused 4 (delta 4), pack-reused 34 (from 1) Receiving objects: 100% (46/46), 5.83 MiB | 14.32 Mib/s, done. Resolving deltas: 100% (15/15), done. wayne@z840:~ $ cd dirtyfrag wayne@z840:~/dirtyfrag $ gcc -O0 -Wall -o exp exp.c -lutil wayne@z840:~/dirtyfrag $ ./exp dirtyfrag: failed (rc=3) wayne@z840:~/dirtyfrag $ ./exp dirtyfrag: failed (rc=3) wayne@z840:~/dirtyfrag $ Apparently the exploit relies on having certain kernel modules loaded (IPsec ESP (esp4/esp6) and rxrpc). Wayne