Dirty Frag - Patch Your Servers

Discussion in 'System Administration' started by Jon Snow, May 8, 2026.

  1. Jon Snow

    Jon Snow Active Member

    917
    188
    43
    Jun 30, 2017
    Ratings:
    +293
    Local Time:
    8:22 PM
    Nginx 1.13.9
    MariaDB 10.1.31
    If you haven't seen this yet:
    https://github.com/V4bel/dirtyfrag

    Someone broke embargo before a patch could officially roll out.

    You should run the command below to patch your server:
    Code (Text):
    sh -c "printf 'install esp4 /bin/false\ninstall esp6 /bin/false\ninstall rxrpc /bin/false\n' > /etc/modprobe.d/dirtyfrag.conf; rmmod esp4 esp6 rxrpc 2>/dev/null; true"

    It's from the GitHub above.

    Similar to the Copy Fail stuff but not as bad as the cPanel exploit. They need to have shell access or exploit your web app to get root control.
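
An added example, not part of the original post or the linked repository: the one-liner above discards `rmmod` errors (`2>/dev/null; true`), so a module that was in use stays loaded even though the override file exists. This check reports both conditions per module; the function names are hypothetical and the sample files are constructed.

```bash
#!/usr/bin/env bash
# Added example (not from the thread): audit the modprobe mitigation.
MODULES="esp4 esp6 rxrpc"   # module names taken from the post's command

# True if a *.conf file in directory $2 maps module $1 to /bin/false.
is_blocked() {
    grep -Eqs "^[[:space:]]*install[[:space:]]+$1[[:space:]]+/bin/false[[:space:]]*\$" "$2"/*.conf
}

# True if module $1 appears in file $2 (/proc/modules format).
is_loaded() {
    grep -qs "^$1 " "$2"
}

# One status line per module; returns 0 only when every module is
# blocked for future loads and not resident in the running kernel.
# Defaults: /etc/modprobe.d and /proc/modules.
check_mitigation() {
    dir=${1:-/etc/modprobe.d}; loaded=${2:-/proc/modules}; rc=0
    for m in $MODULES; do
        if ! is_blocked "$m" "$dir"; then
            echo "$m: no install override in $dir"; rc=1
        elif is_loaded "$m" "$loaded"; then
            echo "$m: override present but module still loaded"; rc=1
        else
            echo "$m: blocked and not loaded"
        fi
    done
    return $rc
}

# Constructed sample: the override file as written by the post's command,
# plus a modules list in which rxrpc was in use, so rmmod could not remove it.
demo=$(mktemp -d)
printf 'install esp4 /bin/false\ninstall esp6 /bin/false\ninstall rxrpc /bin/false\n' > "$demo/dirtyfrag.conf"
printf 'rxrpc 483328 1 - Live 0x0000000000000000\nnf_tables 356352 0 - Live 0x0000000000000000\n' > "$demo/modules"
check_mitigation "$demo" "$demo/modules" || echo "mitigation incomplete"
```

On a real host, call `check_mitigation` with no arguments. It inspects only `/etc/modprobe.d`, and an `install` override has no effect on code built into the kernel rather than shipped as a loadable module.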

     
  2. eva2000

    eva2000 Administrator Staff Member

    58,893
    12,490
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +19,122
    Local Time:
    9:22 AM
    Nginx 1.31.x
    MariaDB 10.x/11.4+/12.3+
  3. Jon Snow

  4. eva2000

  5. Jon Snow

    I updated centminmod yesterday but I'm unsure how to use that cmsec framework.

    Does it show warnings when logging in if it detects the system hasn't been patched?
    And is it manual warnings that you add after we update centminmod?
     
  6. eva2000

    The cmsec framework is explained at https://community.centminmod.com/th...te-cve-2026-31431-copy-fail-dirty-frag.31619/. Set DMOTD_CVECHECK='y' in the persistent config file /etc/centminmod/custom_config.inc first. I will probably be enabling it by default soon, as too many Linux kernel vulnerabilities are now coming out.

     
  7. Jon Snow

    It doesn't look like Hetzner / Alma9 has the last 2 patches yet

    Code (Text):
    dnf --refresh upgrade
    Extra Packages for Enterprise Linux 9 - x86_64  35 MB/s | 21 MB  00:00
    AlmaLinux 9 - AppStream  195 MB/s | 22 MB  00:00
    AlmaLinux 9 Backports - rsync  69 kB/s | 3.2 kB  00:00
    AlmaLinux 9 - BaseOS  185 MB/s | 28 MB  00:00
    AlmaLinux 9 - CRB  81 MB/s | 4.9 MB  00:00
    AlmaLinux 9 - Extras  622 kB/s | 23 kB  00:00
    Extra Packages for Enterprise Linux 9 openh264 (From Cisco) - x86_64  3.2 kB/s | 2.5 kB  00:00
    MariaDB  605 kB/s | 615 kB  00:01
    PMM2 Client release/x86_64 YUM repository  22 kB/s | 7.6 kB  00:00
    Percona Release release/noarch YUM repository  8.1 kB/s | 2.7 kB  00:00
    Percona Telemetry release/x86_64 YUM repository  14 kB/s | 4.2 kB  00:00
    Percona Tools release/x86_64 YUM repository  2.1 MB/s | 1.5 MB  00:00
    Remi's Modular repository for Enterprise Linux 9 - x86_64  3.1 MB/s | 972 kB  00:00
    Dependencies resolved.
    ================================================================================
     Package  Architecture  Version  Repository  Size
    ================================================================================
    Upgrading:
     jq  x86_64  1.6-19.el9_7.0.2  baseos  186 k

    Transaction Summary
    ================================================================================
    Upgrade  1 Package

    Total download size: 186 k
    Is this ok [y/N]: y
    Downloading Packages:
    jq-1.6-19.el9_7.0.2.x86_64.rpm  34 MB/s | 186 kB  00:00
    --------------------------------------------------------------------------------
    Total  5.4 MB/s | 186 kB  00:00
    Running transaction check
    Transaction check succeeded.
    Running transaction test
    Transaction test succeeded.
    Running transaction
      Preparing        :  1/1
      Upgrading        : jq-1.6-19.el9_7.0.2.x86_64  1/2
      Cleanup          : jq-1.6-19.el9.x86_64  2/2
      Running scriptlet: jq-1.6-19.el9.x86_64  2/2
      Verifying        : jq-1.6-19.el9_7.0.2.x86_64  1/2
      Verifying        : jq-1.6-19.el9.x86_64  2/2

    Upgraded:
      jq-1.6-19.el9_7.0.2.x86_64

    Complete!
    
     
    Last edited: May 16, 2026