Vulnerabilities | May 8, 2026

Active attack: Dirty Frag Linux vulnerability expands post-compromise risk

Dirty Frag Linux kernel vulnerability enables reliable privilege escalation from unprivileged user to root.

Summary

Dirty Frag is a newly disclosed Linux local privilege escalation vulnerability affecting kernel networking components (esp4, esp6, rxrpc) that enables reliable escalation from an unprivileged user to root. It is being actively exploited post-compromise, after attackers have gained a foothold through SSH access, web shells, containers, or low-privileged accounts. Microsoft Defender is monitoring exploitation attempts and providing detection coverage.


Indicators of Compromise

  • malware — Dirty Frag

Entities

  • Microsoft (vendor)
  • Microsoft Defender (product)
  • Linux kernel (technology)