‘Dirty Frag’ Linux flaw one-ups CopyFail with no patches and public root exploit

Posted onAuthorCyber Security Review

Broken disclosure embargo left admins facing a fresh root-level flaw with no CVE

A fresh Linux privilege escalation bug dubbed “Dirty Frag” has dropped into the wild with no patches, no CVE, and a public exploit that hands attackers root access across major distributions.Security researcher Hyunwoo Kim disclosed the local privilege escalation flaw on Friday after what he said was a broken embargo forced the issue into the open.

Kim described Dirty Frag as a “universal LPE” affecting “all major distributions” and warned that it delivers the same kind of immediate root access as the recent CopyFail mess – only this time, defenders do not even have patches to throw at the problem.

Read more…
Source:  The Register News

Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox

Related:

  • US charges Russian hackers behind NotPetya, KillDisk, OlympicDestroyer attacks

    October 19, 2020

    The US Department of Justice has unsealed charges today against six Russian nationals believed to be members of one of Russia’s elite hacking and cyberwar units — known as Sandworm. In court documents today, US officials said all six suspects are officers in Unit 74455 of the Russian Main Intelligence Directorate (GRU), a military intelligence agency ...

  • Google says it mitigated a 2.54 Tbps DDoS attack in 2017, largest known to date

    October 16, 2020

    The Google Cloud team revealed today a previously undisclosed DDoS attack that targeted Google service back in September 2017 and which clocked at 2.54 Tbps, making it the largest DDoS attack recorded to date. Damian Menscher, a Security Reliability Engineer for Google Cloud, said the 2.54 Tbps peak was “the culmination of a six-month campaign” that ...

  • 800,000 SonicWall VPNs vulnerable to new remote code execution bug

    October 16, 2020

    Almost 800,000 internet-accessible SonicWall VPN appliances will need to be updated and patched for a major new vulnerability that was disclosed on Wednesday. Discovered by the Tripwire VERT security team, CVE-2020-5135 impacts SonicOS, the operating system running on SonicWall Network Security Appliance (NSA) devices. SonicWall NSAs are used as firewalls and SSL VPN portals to filter, control, ...

  • IAmTheKing and the SlothfulMedia malware family

    October 15, 2020

    On October 1, 2020, the DHS CISA agency released information about a malware family called SlothfulMedia, which they attribute to a sophisticated threat actor. We have been tracking this set of activity through our private reporting service, and we would like to provide the community with additional context. In June 2018, we published the first report ...

  • Iranian state hacker group linked to ransomware deployments

    October 15, 2020

    Security researchers said they found clues linking recent attacks with the Thanos ransomware to a group of Iranian state-sponsored hackers. While investigating security incidents at several Israeli prominent organizations, security researchers from ClearSky and Profero said they linked the intrusions to MuddyWater, a known Iranian state-sponsored hacking group. The intrusions followed similar patterns, with two tactics being ...

  • 20 Arrests In QQAAZZ Multi-Million Money Laundering Case

    October 15, 2020

    An unprecedented international law enforcement operation involving 16 countries has resulted in the arrest of 20 individuals suspected of belonging to the QQAAZZ criminal network which attempted to launder tens of millions of euros on behalf of the world’s foremost cybercriminals. Some 40 house searches were carried out in Latvia, Bulgaria, the United Kingdom, Spain and ...