Selfhosted

59218 readers

1101 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.
No low-effort posts. This is subjective and will largely be determined by the community member reports.

Resources:

selfh.st Newsletter and index of selfhosted software and apps
awesome-selfhosted software
awesome-sysadmin resources
Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago

MODERATORS

HybridSarcasm@lemmy.world

HybridSarcasm@lemmy.hybridsarcasm.xyz

Dirty Frag: Universal Linux LPE - CVE similar to Copy Fail (www.openwall.com)

submitted 1 week ago by eager_eagle@lemmy.world to c/selfhosted@lemmy.world

5 comments fedilink hide all child comments

cross-posted from: https://lemmy.world/post/46584454

Local Privilege Escalation "Dirty Frag" made public

https://www.openwall.com/lists/oss-security/2026/05/07/8

https://thehackernews.com/2026/05/linux-kernel-dirty-frag-lpe-exploit.html

https://safecomputing.umich.edu/security-alerts/linux-kernel-vulnerability-%E2%80%9Cdirty-frag%E2%80%9D

https://www.bleepingcomputer.com/news/security/new-linux-dirty-frag-zero-day-with-poc-exploit-gives-root-privileges/

all 6 comments

sorted by: hot top controversial new old

[–] irmadlad@lemmy.world 12 points 1 week ago (2 children)

RFC: As I understand it this exploit requires local access and cannot be deployed remotely. Is this a correct analysis?

[–] eager_eagle@lemmy.world 8 points 1 week ago (1 children)

right, but remote code execution comes in many different ways. Having a machine vulnerable to this kind of privilege escalation is a really bad thing.

[–] irmadlad@lemmy.world 3 points 1 week ago

Certainly. I don't discount that any exploit is 'really bad'. I like my OS of choice to be as free of exploits as it can possibly be. However, some of the material I was reading involved areas of Linux that I have little if any knowledge of value with, so I thought I'd as the question.

[–] Decronym@lemmy.decronym.xyz 1 points 1 week ago

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:

Fewer Letters	More Letters
AP	WiFi Access Point
IP	Internet Protocol
IoT	Internet of Things for device controllers
NAS	Network-Attached Storage
NVR	Network Video Recorder (generally for CCTV)
PoE	Power over Ethernet
SSD	Solid State Drive mass storage
SSH	Secure Shell for remote terminal access
Unifi	Ubiquiti WiFi hardware brand
VPN	Virtual Private Network

[Thread #279 for this comm, first seen 8th May 2026, 23:40] [FAQ] [Full list] [Contact] [Source code]