Skip to content

dixyes/dirtypatch

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
cmd
cmd
 
 
LICENSE
LICENSE
 
 
Readme.md
Readme.md
 
 
copyfail.go
copyfail.go
 
 
dirtyfrag.go
dirtyfrag.go
 
 
dirtyfrag_test.go
dirtyfrag_test.go
 
 
exlpoit.go
exlpoit.go
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 

Repository files navigation

dirtypatch

For machines that cannot be rebooted, this program can be used to check and mitigate the vulnerabilities.

Usage

go build -o dirtypatch cmd/main.go
# since this is a patch, not a exploit, root permission is required
sudo ./dirtypatch

Details

It checks the vulnerabilities and try to mitigate them.

  • copyfail:
    • LKM: it disables the module algif_aead and clears the page cache.
    • builtin: it uses systemtap to patch the kernel.
  • dirtyfrag:
    • it disables the modules esp4, esp6, rxrpc and clears the page cache.
    • builtin not supported yet

Supported Vulnerabilities

  • CVE-2026-31431 "copy fail"
  • "dirty frag"

Related

Copyright

MIT License Copyright (c) 2026 Yun Dou

See LICENSE for details.

About

dirty patch for dirty CVEs

Topics

cve-2026-31431 copyfail dirtyfrag cve-2026-43284

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases 1

20260508_2 Latest
May 8, 2026

Contributors

Languages