Dirty Frag: The Linux Zero-Day Getting Root on Every Major Distro (Demo + Mitigation) [YouTube Release]

Youtube Releases
1

Additional Resources:

Forum post
https://forums.lawrencesystems.com/t/how-linux-dirty-frags-works-and-mitigations/26752/2

Connect With Us

Lawrence Systems Shirts and Swag

:t_shirt: Lawrence Systems

AFFILIATES & REFERRAL LINKS

Amazon Affiliate Store
:shopping_cart: Lawrence Systems's Amazon Page

UniFi Affiliate Link
:shopping_cart: Ubiquiti Store

All Of Our Affiliates help us out and can get you discounts!
:shopping_cart: Partners We Love – Lawrence Systems

Gear we use on Kit
:shopping_cart: Kit

Use OfferCode LTSERVICES to get 10% off your order at
:shopping_cart: Tech Supply Direct - Premium Refurbished Servers & Workstations at Unbeatable Prices

Digital Ocean Offer Code
:shopping_cart: AI-Native Cloud | DigitalOcean

HostiFi UniFi Cloud Hosting Service
:shopping_cart: HostiFi - Fast and Reliable UniFi in the Cloud

Protect your privacy with a VPN from Private Internet Access
:shopping_cart: https://www.privateinternetaccess.com/pages/buy-vpn/LRNSYS

Patreon
:money_bag: https://www.patreon.com/lawrencesystems
Chapters
00:00 - What is Dirty Frag and why it matters
00:08 - Bug class context: Dirty Pipe and Copy Fail
00:11 - Current patch status as of May 8, 2026
00:18 - Test system: Debian 13 Trixie fully patched
00:25 - No updates available, confirming unpatched state
00:36 - Running the exploit as unprivileged user
00:53 - Exploit succeeds, we are now root
01:03 - Forum write-up and CVE links overview
01:35 - Impact table: who is affected by the mitigation
01:54 - Risk model: local privilege escalation explained
02:20 - Running the mitigation command
02:37 - Exploit fails after mitigation applied
02:57 - Distro advisories: Ubuntu, Red Hat, AlmaLinux, CloudLinux, AWS
03:11 - How the embargo broke: Copy Fail 2 Electric Boogaloo
03:30 - Reverse engineering from kernel mailing list patch
03:49 - Where to find the forum post and distro links