Securité : Dirty Frag
De www.yakakliker.org
CVE-2026-43284
Liens
- https://github.com/V4bel/dirtyfrag/tree/master
- https://seclists.org/oss-sec/2026/q2/430
- https://itcc.uni-koeln.de/en/services/information-security/it-security/vulnerability-cve-2026-43284-dirty-frag
- https://www.bortzmeyer.org/dirtyfrag.html
- https://github.com/odoucet/copyfail-dirtyfrag-blocker
Contournement
sh -c "printf 'install esp4 /bin/false\ninstall esp6 /bin/false\ninstall rxrpc /bin/false\n' > /etc/modprobe.d/dirtyfrag.conf; rmmod esp4 esp6 rxrpc 2>/dev/null; true"
Sur Ubuntu :
Step 1 – block the modules:
Block the modules by creating a /etc/modprobe.d/dirty-frag.conf file:
echo "install esp4 /bin/false" | sudo tee /etc/modprobe.d/dirty-frag.conf
echo "install esp6 /bin/false" | sudo tee -a /etc/modprobe.d/dirty-frag.conf
echo "install rxrpc /bin/false" | sudo tee -a /etc/modprobe.d/dirty-frag.conf
Regenerate the initramfs images, to prevent the modules from being loaded during early boot:
sudo update-initramfs -u -k all
Step 2 – unload modules:
Unload the modules, in case they are already loaded:
sudo rmmod esp4 esp6 rxrpc 2>/dev/null
Step 3 – confirm the modules aren’t loaded:
Check whether the modules are still loaded:
grep -qE '^(esp4|esp6|rxrpc) ' /proc/modules && echo "Affected modules are loaded" || echo "Affected modules are NOT loaded"
If the previous action indicates that the modules are not loaded, no further action is required. However, unloading the modules may not be possible if they are in use by applications. In these instances, a system reboot will enforce their blocking, but will affect applications:
sudo reboot
