¡¾·ì϶¹«¸æ¡¿Linux Dirty Frag ±¾µØȨÏÞÌáÉý·ì϶

°ä²¼¹¦·ò 2026-05-08

Ò»¡¢·ì϶¸ÅÊö


·ìϼûû³Æ

Linux Dirty Frag ±¾µØȨÏÞÌáÉý·ì϶

CVE   ID

ÔÝÎÞ

·ì϶ÀàÐÍ

±¾µØȨÏÞÌáÉý

·¢ÏÖ¹¦·ò

2026-5-8

·ì϶ÆÀ·Ö

8.8

·ì϶µÈ¼¶

¸ßΣ

¹¥»÷ÏòÁ¿

±¾µØ

ËùÐèȨÏÞ

µÍ

ÀûÓÃÄѶÈ

µÍ

Óû§½»»¥

²»±ØÒª

PoC/EXP

Òѹ«¿ª

ÔÚÒ°ÀûÓÃ

δ·¢ÏÖ


LinuxÄÚºËÊDzÙ×÷ϵͳÖ÷Ìâ×é¼þ£¬ £¬£¬£¬£¬£¬£¬£¬ÕƹÜÖÎÀíÓ²¼þ×ÊÔ´²¢ÎªÀûÓÃÌṩͳһ½Ó¿Ú¡£¡£¡£¡£¡£¡£¡£ÆäÖØÒªÖ°ÄÜÔ̺¬¹ý³Ìµ÷¶È¡¢ÄÚ´æÖÎÀí¡¢Îļþϵͳ¡¢ÍøÂçºÍ̸ջ¼°É豸Çý¶¯ÖÎÀí¡£¡£¡£¡£¡£¡£¡£Linux kernelÓµÓпªÔ´¡¢¸ß»úÄÜ¡¢²»±äÐÔÇ¿ºÍ¿ÉÀ©´óÐԺõÄÌص㣬 £¬£¬£¬£¬£¬£¬£¬¿í·ºÀûÓÃÓÚ·þÎñÆ÷¡¢ÔÆÍÆË㡢ǶÈëʽϵͳ¼°ÈÝÆ÷ƽ̨¡£¡£¡£¡£¡£¡£¡£


2026Äê5ÔÂ8ÈÕ£¬ £¬£¬£¬£¬£¬£¬£¬8827Ì«Ñô¼¯ÍÅ°²È«Ó¦¼±ÏìÓ¦ÖÐÐÄ£¨VSRC£©¼à²âµ½Linux Dirty Frag ±¾µØȨÏÞÌáÉý·ì϶¡£¡£¡£¡£¡£¡£¡£×êÑÐÈËÔ±½«Æ䶨ÃûΪ¡°Dirty Frag¡±¡£¡£¡£¡£¡£¡£¡£¸Ã·ì϶ͨ¹ýÁ´Ê½ÀûÓÃxfrm-ESP Page-Cache WriteÓëRxRPC Page-Cache WriteÁ½¸öÄÚºËȱµã£¬ £¬£¬£¬£¬£¬£¬£¬ÊµÏÖ¶ÔÒ³»º´æ(Page Cache)ÄÚÈݵÄËÁÒ⸲¸Ç£¬ £¬£¬£¬£¬£¬£¬£¬½ø¶øÅú¸Ä/usr/bin/su»ò/etc/passwdµÈ¹Ø¼üϵͳÎļþ£¬ £¬£¬£¬£¬£¬£¬£¬×îÖÕ»ñµÃrootȨÏÞ¡£¡£¡£¡£¡£¡£¡£ÓÉÓÚ·ì϶ÊôÓÚÈ·¶¨ÐÔÂß¼­È±µã£¬ £¬£¬£¬£¬£¬£¬£¬²»ÒÀÀµ¾ºÕùÇ°Ìᣬ £¬£¬£¬£¬£¬£¬£¬ÀûÓóɹ¦ÂʽϸßÇÒʧ°Üʱͨ³£²»»áµ¼ÖÂÄں˱ÀÀ£¡£¡£¡£¡£¡£¡£¡£¹¥»÷Õß½öÐè±¾µØµÍȨÏÞÕË»§¼´¿ÉʵÏÖÌáȨ£¬ £¬£¬£¬£¬£¬£¬£¬¿ÉÄܵ¼Ö·þÎñÆ÷ÆëȫʧÏÝ¡¢Ãô¸ÐÊý¾Ýй¶¼°ºáÏòÉøÈë·çÏÕ¡£¡£¡£¡£¡£¡£¡£


¶þ¡¢Ó°ÏìÁìÓò


Dirty FragΪÁ½¸öLinux Kernel·ì϶Á´Ê½×éºÏ£¬ £¬£¬£¬£¬£¬£¬£¬±ðÀëÓ°Ïìxfrm-ESPÓëRxRPCÓйØÄÚºË×é¼þ£¬ £¬£¬£¬£¬£¬£¬£¬ÆäÖУ¬ £¬£¬£¬£¬£¬£¬£¬xfrm-ESPÓйطì϶×ÔÌá½»cac2661c53f3ÒýÈëºóÊÜÓ°Ï죬 £¬£¬£¬£¬£¬£¬£¬¹¦·òΪ×Ô2017Äê1ÔÂÒýÈëÖÁ½ñ £»£»£»£»£»£»£»RxRPCÓйطì϶×ÔÌá½»2dc334f1a63aÒýÈëºóÊÜÓ°Ï죬 £¬£¬£¬£¬£¬£¬£¬¹¦·òΪ×Ô2023Äê6ÔÂÒýÈëÖÁ½ñ¡£¡£¡£¡£¡£¡£¡£


ÒÑÖªÊÜÓ°Ïì°æ±¾£º

Ubuntu 24.04.4: 6.17.0-23-generic

RHEL 10.1: 6.12.0-124.49.1.el10_1.x86_64

openSUSE Tumbleweed: 7.0.2-1-default

CentOS Stream 10: 6.12.0-224.el10.x86_64

AlmaLinux 10: 6.12.0-124.52.3.el10_1.x86_64

Fedora 44: 6.19.14-300.fc44.x86_64


Èý¡¢°²È«´ëÊ©


3.1 Éý¼¶°æ±¾


ÓÉÓÚ·ì϶¹«¿ªÊ±¹Ù·½ÉÐδ°ä²¼Õýʽ²¹¶¡£¬ £¬£¬£¬£¬£¬£¬£¬½¨Òé³ÖÐø¹Ø×¢Linux KernelÉçÇø¼°¸÷¿¯Ðа氲ȫ²¼¸æ£¬ £¬£¬£¬£¬£¬£¬£¬²¢ÔÚ²¹¶¡°ä²¼ºóÁ¢¼´Éý¼¶¡£¡£¡£¡£¡£¡£¡£


3.2 Ò»Ê±´ëÊ©


sh -c "printf 'install esp4 /bin/false\ninstall esp6 /bin/false\ninstall rxrpc /bin/false\n' > /etc/modprobe.d/dirtyfrag.conf; rmmod esp4 esp6 rxrpc 2>/dev/null; true"¡£¡£¡£¡£¡£¡£¡£


3.3 ͨÓý¨Òé


? ¶¨ÆÚ¸üÐÂϵͳ²¹¶¡£¬ £¬£¬£¬£¬£¬£¬£¬Ï÷¼õϵͳ·ì϶£¬ £¬£¬£¬£¬£¬£¬£¬ÌáÉý·þÎñÆ÷µÄ°²È«ÐÔ¡£¡£¡£¡£¡£¡£¡£

? ¼ÓǿϵͳºÍÍøÂçµÄ½Ó¼û½ÚÔ죬 £¬£¬£¬£¬£¬£¬£¬Åú¸Ä·À»ðǽսÊõ£¬ £¬£¬£¬£¬£¬£¬£¬¹Ø¹Ø·Ç±ØÒªµÄÀûÓö˿ڻò·þÎñ£¬ £¬£¬£¬£¬£¬£¬£¬Ï÷¼õ½«Î£ÏÕ·þÎñ£¨ÈçSSH¡¢RDPµÈ£©Â¶³öµ½¹«Íø£¬ £¬£¬£¬£¬£¬£¬£¬Ï÷¼õ¹¥»÷Ãæ¡£¡£¡£¡£¡£¡£¡£

? Ê¹ÓÃÆóÒµ¼¶°²È«²úÆ·£¬ £¬£¬£¬£¬£¬£¬£¬ÌáÉýÆóÒµµÄÍøÂ簲ȫ»úÄÜ¡£¡£¡£¡£¡£¡£¡£

? ¼ÓǿϵͳÓû§ºÍȨÏÞÖÎÀí£¬ £¬£¬£¬£¬£¬£¬£¬ÆôÓöà³É·ÖÈÏÖ¤»úÔìºÍ×îÓ×ȨÏÞ×¼Ôò£¬ £¬£¬£¬£¬£¬£¬£¬Óû§ºÍÈí¼þȨÏÞӦά³ÖÔÚ×îµÍÏ޶ȡ£¡£¡£¡£¡£¡£¡£

? ÆôÓÃÇ¿ÃÜÂëÕ½Êõ²¢ÉèÖÃΪ¶¨ÆÚÅú¸Ä¡£¡£¡£¡£¡£¡£¡£


3.4 ²Î¿¼Á´½Ó


https://github.com/V4bel/dirtyfrag/tree/master/

https://www.openwall.com/lists/oss-security/2026/05/07/8/