| 7 May 2026 |
 hexa | https://github.com/V4bel/dirtyfrag | 19:57:24 |
|  steinbes04 joined the room. | 20:07:55 |
 Jenny | Seems to be related, but exploits other kernel modules: https://github.com/0xdeadbeefnetwork/Copy_Fail2-Electric_Boogaloo | 21:58:29 |
 raitobezarius | It's the same root cause | 21:59:32 |
|  kybe joined the room. | 22:04:14 |
 kuflierl | https://github.com/NixOS/nixpkgs/pull/517642
Pretty old stuff I just forgot about because the bot didn't notify me | 23:13:39 |
| 8 May 2026 |
|  jopejoe1 changed their display name from jopejoe1 (4094@epvpn) to jopejoe1. | 08:44:11 |
 K900 | https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.206 | 14:49:02 |
| K900 | 5.15 fix was wrong | 14:49:06 |
| K900 | 6.1 also just got a respin | 15:20:45 |
 magic_rb | This patching round is going swimmingly | 15:37:19 |
 dish [Fox/It/She] | https://ze3tar.github.io/post-zcrx.html | 21:40:40 |
| dish [Fox/It/She] | sigh | 21:40:41 |
| dish [Fox/It/She] | tl;dr io_uring ZCRX freelist LPE | 21:40:50 |
| dish [Fox/It/She] | * tl;dr io_uring ZCRX freelist LPE, affects 6.15 -> 6.19 | 21:41:13 |
| dish [Fox/It/She] | but also requires CAP_NET_ADMIN so shouldn't be too much of an issue | 21:41:34 |
| dish [Fox/It/She] | * but also requires CAP_NET_ADMIN and a NIC that supports zero copy recieve(ZCRX) so shouldn't be too much of an issue | 21:42:03 |
| dish [Fox/It/She] | * but also requires CAP_NET_ADMIN, a NIC that supports zero copy recieve(ZCRX), and kernel configured with io_uring zcrx enabled so shouldn't be too much of an issue | 21:42:30 |
 Morgan (@numinit) | Nice, io_uring, the source of like over half of Android bug bounties over the past couple years | 21:42:59 |
| dish [Fox/It/She] | okay i think this is pretty much a nonissue since you need all the above to write OOB, but then CAP_SYS_ADMIN to execute so... seems like you basically need root and/or elevated privs so... | 21:43:54 |
| Morgan (@numinit) | https://security.googleblog.com/2023/06/learnings-from-kctf-vrps-42-linux.html
Wish there was a dumpster fire emoji anyway | 21:44:55 |
| dish [Fox/It/She] | π₯
ποΈ | 21:46:25 |
| Morgan (@numinit) | "we paid out around 1 million USD for io_uring alone"
πΈπ₯ | 21:47:06 |
 Sandro | One of the oauth2-proxy CVEs was only partically addressed and one of the recommended arguments to set was impossible to be defined
https://github.com/NixOS/nixpkgs/pull/518211 | 23:16:07 |
| Sandro | * One of the oauth2-proxy CVEs was only partically addressed and one of the recommended arguments to set was impossible to be defined in the nixos module
https://github.com/NixOS/nixpkgs/pull/518211 | 23:17:56 |
| 9 May 2026 |
| dish [Fox/It/She] | Gitpython security bump: https://github.com/NixOS/nixpkgs/pull/518443 | 17:20:00 |
| 11 May 2026 |
| kuflierl | 'high' severtiy cve in python library
https://github.com/NixOS/nixpkgs/pull/518798 | 02:28:11 |
 tgerbet | DNSMasq coordinated release (cache poisoning, privesc...) https://www.kb.cert.org/vuls/id/471747
https://github.com/NixOS/nixpkgs/pull/519082 | 17:34:09 |
| hexa |
dnsmasq has released version 2.93 to fix the above vulnerabilities
| 17:36:23 |
| hexa |
dnsmasq: 2.92 -> 2.92rel2
| 17:36:33 |
