Fragnesia Made Public As Latest Linux Local Privilege Escalation Vulnerability

Following last week's disclosure of the Dirty Frag vulnerability for the Linux kernel, which only finished being patched up in mainline on Monday, Fragnesia is now public as a similar local privilege escalation (LPE) vulnerability.

Announced today on the open-source security mailing list by V12 Security is Fragnesia as a local privilege escalation exploit that is of the same vulnerability class as Dirty Frag. Fragnesia centers around a separate bug within the ESP/XFRM code with a logic bug to allow arbitrary byte writes into the kernel page cache of read-only files.

Proof of concept code for Fragnesia is already out there. There is a two-line patch for addressing the issue within the Linux kernel's skbuff.c code. That patch hasn't yet been mainlined or picked up by any mainline kernel releases but presumably will be in short order for addressing this local privilege escalation issue. More details on the oss-security list.