I also just verified it worked on my Arch install. But running the mitigation command and rebooting effectively blocked it, and I’m on the Arch LTS kernel. I think the disabled modules are related to IPSec, which most desktop users don’t really need.
Its a kernel exploit, so probably. But I just checked my arch installs,and I don’t have any of the kernel modules loaded. Loading requires root anyway, so I think this may be fairly limited in reality?
Well shit. I wonder if all Linux systems are affected, the testing in the repo doesn’t cover Arch for instance. For now I’d assume the answer is yes.
I also just verified it worked on my Arch install. But running the mitigation command and rebooting effectively blocked it, and I’m on the Arch LTS kernel. I think the disabled modules are related to IPSec, which most desktop users don’t really need.
Did you have the modules loaded before running the exploit?
I did. No idea how or why, though.
Yea it works on arch, I just tested on my own PC:
OS: Arch Linux x86_64 Kernel: Linux 7.0.3-arch1-2❯ ./exp [root@arch dirtyfrag]# ls README.md assets exp exp.c [root@arch dirtyfrag]# whoami rootI updated it last week.
Edit: I just ran
yay -Suyto update everything and still works.Its a kernel exploit, so probably. But I just checked my arch installs,and I don’t have any of the kernel modules loaded. Loading requires root anyway, so I think this may be fairly limited in reality?
don’t see 'em loaded here, either. trixie (dietpi) server, aurora (f44) desktop