Selfhosted

59244 readers

974 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.
No low-effort posts. This is subjective and will largely be determined by the community member reports.

Resources:

selfh.st Newsletter and index of selfhosted software and apps
awesome-selfhosted software
awesome-sysadmin resources
Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago

MODERATORS

HybridSarcasm@lemmy.world

HybridSarcasm@lemmy.hybridsarcasm.xyz

Dirty Frag: Universal Linux LPE - CVE similar to Copy Fail (www.openwall.com)

submitted 1 week ago by eager_eagle@lemmy.world to c/selfhosted@lemmy.world

5 comments fedilink hide all child comments

cross-posted from: https://lemmy.world/post/46584454

Local Privilege Escalation "Dirty Frag" made public

https://www.openwall.com/lists/oss-security/2026/05/07/8

https://thehackernews.com/2026/05/linux-kernel-dirty-frag-lpe-exploit.html

https://safecomputing.umich.edu/security-alerts/linux-kernel-vulnerability-%E2%80%9Cdirty-frag%E2%80%9D

https://www.bleepingcomputer.com/news/security/new-linux-dirty-frag-zero-day-with-poc-exploit-gives-root-privileges/

you are viewing a single comment's thread
view the rest of the comments

[–] irmadlad@lemmy.world 12 points 1 week ago (2 children)

RFC: As I understand it this exploit requires local access and cannot be deployed remotely. Is this a correct analysis?

[–] eager_eagle@lemmy.world 8 points 1 week ago (1 children)

right, but remote code execution comes in many different ways. Having a machine vulnerable to this kind of privilege escalation is a really bad thing.

[–] irmadlad@lemmy.world 3 points 1 week ago

Certainly. I don't discount that any exploit is 'really bad'. I like my OS of choice to be as free of exploits as it can possibly be. However, some of the material I was reading involved areas of Linux that I have little if any knowledge of value with, so I thought I'd as the question.