SaaS Metrics
GitHub Issue
"doesnt work on my system"
Hello,
so i guess Debian 11 on WSL has the "Ubuntu namespace problem"?
Dirtyfrag ran fine on all my testsystems until there were patches. This failed my lowend/low effort test.
(yes i know, dont judge me for windows and wsl, still an important vector to test :) )
Oh and no, the line of namespace foo code didnt fix it.
View Raw Thread
Developer & User Discourse
EmilyShepherd • May 13, 2026
What mitigations did you take against Dirty Frag? Fragnesia & Dirty Frag attack the same module, so if you blacklisted and removed the modules as part of hardening against Dirty Frag, you'll have protected yourself against Fragnesia too.
Dexruus • May 13, 2026
Since this is my WSL shit... sandbox i have NOT taken any mitigations, the modules were still active.
Thats why its strange.
I ran the "unload kernel modules" from dirtyfrag just to get the printout after rerunning it a second time, that now all modules are unloaded, as it should, when mitigated. First run was without a "is currently not loaded" run, so i guess they were still active. Now they are NOT anymore, so my shitbox debian is NOW status mitigated (without beeing wiped again).
For test reasons iam gonna install some random wsl distribution i can find and see if wsl is the killer, or the debian i played with dirtyfrag on already.
Thats why its strange.
I ran the "unload kernel modules" from dirtyfrag just to get the printout after rerunning it a second time, that now all modules are unloaded, as it should, when mitigated. First run was without a "is currently not loaded" run, so i guess they were still active. Now they are NOT anymore, so my shitbox debian is NOW status mitigated (without beeing wiped again).
For test reasons iam gonna install some random wsl distribution i can find and see if wsl is the killer, or the debian i played with dirtyfrag on already.
Dexruus • May 13, 2026
Wellp, the fresh installed Debian 13 seems to be the patched kernel already...
I wish i had a rollback of the machine, since i cant reproduce it anymore xd
(any way to mitigate the mitigation?)
I wish i had a rollback of the machine, since i cant reproduce it anymore xd
(any way to mitigate the mitigation?)
M1ndK1ller • May 13, 2026
To add onto the discussion, I tried this on an almalinux 9.7 machine on kernel 5.14.0-611.54.3
This machine had a mitigation for dirtyfrag until we patched it for that yesterday, the mitigation is no longer active.
It resulted in a weird bash shell that says it's root but is unable to perform root functions:
Is there something I am doing wrong or does it seem relatively harmless compared to the last 2 we've had?
This machine had a mitigation for dirtyfrag until we patched it for that yesterday, the mitigation is no longer active.
It resulted in a weird bash shell that says it's root but is unable to perform root functions:
Is there something I am doing wrong or does it seem relatively harmless compared to the last 2 we've had?
M1ndK1ller • May 13, 2026
#2
I've tested the changed code in this PR on the same alma machine and am now dropped into a privileged root shell
I've tested the changed code in this PR on the same alma machine and am now dropped into a privileged root shell