Search results for tag #fragnesia
![[?]](https://cache.treehouse.systems/accounts/avatars/110/628/855/321/239/565/original/02818afb40ed82f7.jpeg)
We've also posted about our #CopyFail, #DirtyFrag, #Fragnesia handling on the #Gentoo website:
https://www.gentoo.org/news/2026/05/19/copy-fail-fragnesia-vulnerabilities.html
…and yes, another secfix round coming.
CC @wariat
I've finally finished pushing the latest update for #Gentoo Distribution Kernels, and requested their stabilization. This includes upstream releases 7.0.9, 6.18.32, 6.12.90 and 6.6.140; and Gentoo patch bumps 6.1.173_p1, 5.15.207_p1 and 5.10.256_p1.
All of these contain the v5 #Fragnesia patch. And yes, while the exploit is in the wild, upstream still hasn't merged a fix to the mainline kernel, let alone all the LTS branches. Of course, the patch keeps covering more holes, but it would really be preferable to do that as a followup instead of leaving people vulnerable and forcing us to keep rebasing it.
They also include a few reverts in 6.18 and 6.6 for broken PowerPC backports that upstream didn't apparently test. 🤷
We're doing our best, but I'd still recommend running the latest 7.0.x kernel, or LTS 6.18.x, because upstream is far from reliable with the backports.
![[?]](https://nbg1.your-objectstorage.com/tno-mastodon/accounts/avatars/111/434/264/745/920/273/original/52ff85db085a2a1d.jpg)
#Fragnesia Made Public As Latest #Linux Local Privilege Escalation Vulnerability
![[?]](https://soc.octade.net/octade/s/3f7f2b5eda4e392867c301c49c2daa16.png)
'/usr/bin/su' and '/bin/su would never be in the memory cache at all ... by default ... except in systems that run entirely in memory.
Perhaps suid binaries should have special sandboxing for forcing them to be read from protected media into sandboxed memory addresses.
Maybe that would be a tougher nut to crack?