@challvy, No - Ubuntu 18 is still vulnerable. The PoC as it stands doesn't show the exploit, as it assumes that su is the post usr-merge location, which isn't the case on 18, and so the hard-coded /usr/bin/su doesn't exist.
If you create /usr/bin/su as a link to /bin/su, then the PoC succeeds just the same as all the other releases. The mitigations of blocking the esp4,esp6, and rxrpc modules works against the PoC as a first hurdle, but I inevitably other attack vectors will exist, and there are other setuid-root binaries to be targeted. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2151831 Title: Dirty Frag LPE security vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/kmod/+bug/2151831/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
