Use Reddit? Come join our Reddit Sub as another place to follow the community!
We use affiliate links to earn us some pennies. Learn more.

Fragnesia and ssh-keysign-pwn are the latest Linux security problems

By -
1 comments

We're seeing a wave of Linux security issues lately as it has become a bigger focus, and now we have Fragnesia and ssh-keysign-pwn revealed. After the issues of Dirty Frag and Copy Fail recently, you should ensure you're keeping your system up to date and regularly checking for security updates.

Fragnesia is another Linux local privilege escalation exploit, which is actually a member of the Dirty Frag vulnerability class. The the oss-security list notes "It abuses a logic bug in the Linux XFRM ESP-in-TCP subsystem to achieve arbitrary byte writes into the kernel page cache of read-only files, without requiring any race condition".

And the most recently revealed issue with ssh-keysign-pwn notes it allows people to read root-owned files as an unprivileged user. Ouch.

Keep an eye on our Security article tag for more disclosures.

Article taken from GamingOnLinux.com.
Tags: Security, Kernel, Misc, Open Source
2 Likes
About the author -
author picture
I am the owner of GamingOnLinux. After discovering Linux back in the days of Mandrake in 2003, I constantly checked on the progress of Linux until Ubuntu appeared on the scene and it helped me to really love it. You can reach me easily by emailing GamingOnLinux directly. You can follow me personally on Mastodon [External Link].
See more from me
Some you may have missed, popular articles from the last month:
Dungeon Clawler 1.0 is out now - it will hook you and frustrate you just like the real thing
SteamOS 3.7.21 released to stable with security and stability updates
I'm going to spend far too much time playing Orc Incremental
A brief but exciting teaser for the Alien: Isolation sequel appears
All posts need to follow our rules. Please hit the Report Flag icon on any post that breaks the rules or contains illegal / harmful content. Readers can also email us for any issues or concerns.
1 comment

Avehicle7887 12 minutes ago
While this may sound alarming, it's nothing compared to the problems being found in Windows lately - [(Link)](https://www.pcworld.com/article/3139152/microsofts-may-updates-patch-120-security-flaws-in-windows-and-office.html)

It's good that they are being discovered and reported.
While you're here, please consider supporting GamingOnLinux on:

Reward Tiers: Patreon Logo Patreon. Plain Donations: PayPal Logo PayPal.

This ensures all of our main content remains totally free for everyone! Patreon supporters can also remove all adverts and sponsors! Supporting us helps bring good, fresh content. Without your continued support, we simply could not continue!

You can find even more ways to support us on this dedicated page any time. If you already are, thank you!
Login / Register
Register Forgot Login?
★ Support Us
Popular this week
Search or view by category
Contact
Latest Guides
MorrowindHow to setup OpenMW for modern Morrowind on Linux / SteamOS and Steam Deck
By Liam Squires-Hand,
11
Hollow Knight: SilksongHow to install Hollow Knight: Silksong mods on Linux, SteamOS and Steam Deck
By Liam Squires-Hand,
1
> View more Tips & Guides
Buy Games
Buy games with our affiliate / partner links:
Latest Forum Posts
Misc