New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption
Summary
A new variant of the Dirty Pipe Linux local privilege escalation vulnerability, named Fragnesia, has been discovered. This flaw allows local attackers to gain root access by corrupting the page cache, making it the third such kernel vulnerability identified recently.
IFF Assessment
This vulnerability allows local attackers to gain root access, posing a direct threat to system integrity and defender control.
Severity
The CVSS score of 7.8 indicates a high severity vulnerability, suggesting it is relatively easy to exploit and has a significant impact on system confidentiality, integrity, and availability, particularly for local privilege escalation.
Defender Context
Defenders should be aware of this new Linux kernel LPE vulnerability, Fragnesia, and prioritize patching affected systems to prevent local attackers from escalating privileges to root. This highlights a concerning trend of multiple privilege escalation bugs emerging in the Linux kernel within a short period, requiring continuous vigilance and prompt remediation.