Linux 7.0.6 is out as stable this morning to finish mitigating the Dirty Frag vulnerability that was made public last week.
The embargo was broken on Dirty Frag last week ahead of schedule and thus proper fixes for the Linux kernel were yet in place for taking care of this local privilege escalation issue. Dirty Frag makes it easy to go root on all Linux distributions but thankfully Linux 7.0.6 is now out to fully resolve Dirty Frag.
The lone patch making up Linux 7.0.6 is “rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present” for fixing an RXRPC issue from 2019.
In addition to Linux 7.0.6 stable, the Linux 6.18.29 LTS kernel was also released today with the sole change being this same patch from Hyunwoo Kim for resolving Dirty Frag.
More background information on Dirty Frag and some temporary workarounds for bypassing this vulnerability can be found via the Dirty Frag GitHub repository.
