Gentoo News: Copy Fail, Dirty Frag, and Fragnesia Kernel Vulnerabilities


TLDR

  • Gentoo is actively patching a wave of Linux kernel privilege escalation vulnerabilities (Copy Fail, Dirty Frag, Fragnesia) faster than upstream releases.

Key Takeaways

  • Three related privilege escalation vulnerabilities hit the Linux kernel in quick succession: Copy Fail, Dirty Frag, and Fragnesia.
  • Gentoo kernels ship Fragnesia fixes from day one; upstream kernel releases remain vulnerable at time of writing.
  • All supported Gentoo kernels carry the latest Fragnesia v5 patch; vanilla kernel packages are currently unpatched.
  • Only sys-kernel/gentoo-kernel, sys-kernel/gentoo-kernel-bin, and sys-kernel/gentoo-sources are security-supported; other packages lag behind.
  • Gentoo recommends automating kernel upgrades and running the latest ~arch or the latest stable LTS, as upstream does not reliably backport security fixes.

Hacker News Comment Review

  • No substantive HN discussion yet.
