Debian: Linux Vulnernability Mitigation (Dirty Frag)

After Copy Fail from last week, the new Linux local root privilege escalation of today is Dirty Frag.

For those who can not update to linux >= 7.0.4-1 that was uploaded to sid and contains the needed fixes (backports for trixie are available in trixie-fastforward-backports), or are waiting for backports and updates to older Debian releases, or can’t reboot on short notice, mitigations might be needed.

Given the current trend, it seems we will see more of these bugs in the future. Therefore, I’ve uploaded a new package linux-vulnerability-mitigation to sid containing the mitigation for both Copy Fail and Dirty Frag (with debconf multiselect).

Until it passed NEW, it can also be downloaded from here:

• deb: https://people.debian.org/~daniel/linux-vulnerability-mitigation

• Git: https://forgejo.debian.net/linux/linux-vulnerability-mitigation

The package is architecture independent, has no dependencies, and can be installed on any version of Debian or Debian derivative.