{"id":47944,"date":"2026-05-16T15:51:44","date_gmt":"2026-05-16T08:51:44","guid":{"rendered":"https:\/\/antoanthongtinhaiphong.gov.vn\/?p=47944"},"modified":"2026-05-29T15:52:21","modified_gmt":"2026-05-29T08:52:21","slug":"canh-bao-lo-hong-fragnesia-nguy-co-leo-thang-dac-quyen-root-tren-linux","status":"publish","type":"post","link":"https:\/\/antoanthongtinhaiphong.gov.vn\/canh-bao-lo-hong-fragnesia-nguy-co-leo-thang-dac-quyen-root-tren-linux\/","title":{"rendered":"Fragnesia vulnerability alert: Risk of root privilege escalation on Linux"},"content":{"rendered":"<div><b>A new variant in the family of local privilege escalation (LPE) vulnerabilities on Linux has just been disclosed, showing that the attack surface of this operating system's kernel is being exploited repeatedly within a short period. 
The new vulnerability, named Fragnesia and tracked as CVE-2026-46300 with a CVSS score of 7.8, allows a local attacker to gain root privileges by manipulating page cache memory.<\/b><br \/>\n<\/div>\n<div>\n<div class=\"bbImageWrapper  js-lbImage\" title=\"1778840328796.png\" data-src=\"https:\/\/whitehat.vn\/attachments\/1778840328796-png.19024\/\" data-lb-sidebar-href=\"\" data-lb-caption-extra-html=\"\" data-single-image=\"1\" data-fancybox=\"lb-thread-19570\" data-caption=\"&lt;h4&gt;1778840328796.png&lt;\/h4&gt;&lt;p&gt;&lt;a href=&quot;https:&amp;#x2F;&amp;#x2F;whitehat.vn&amp;#x2F;threads&amp;#x2F;canh-bao-lo-hong-fragnesia-nguy-co-leo-thang-dac-quyen-root-tren-linux.19570&amp;#x2F;#post-45135&quot; class=&quot;js-lightboxCloser&quot;&gt;WhiteHat Team \u00b7 15&amp;#x2F;05&amp;#x2F;2026 at 5:19 PM&lt;\/a&gt;&lt;\/p&gt;\"><img loading=\"lazy\" decoding=\"async\" class=\"bbImage\" title=\"1778840328796.png\" src=\"https:\/\/whitehat.vn\/attachments\/1778840328796-png.19024\/\" alt=\"1778840328796.png\" width=\"952\" height=\"559\" data-url=\"\" data-zoom-target=\"1\" \/><\/div>\n<p><\/p><\/div>\n<div>\nAccording to the analysis, Fragnesia resides in the XFRM ESP-in-TCP component of the Linux kernel. The flaw allows an unprivileged user to write arbitrary data into the page cache of read-only files. 
From there, an attacker can modify sensitive files such as \/usr\/bin\/su and quickly take control of the system.<\/p>\n<p>Fragnesia has many similarities to recent vulnerabilities such as Dirty Frag and Copy Fail. However, the danger lies in the fact that exploitation does not require a race condition, which increases its reliability and real-world exploitability. Exploit code (PoC) has been published, increasing the risk of abuse in real-world environments.<\/p>\n<p>Major Linux distributions such as Debian, Ubuntu, Red Hat and SUSE have all issued advisories and patches. Where the kernel cannot be updated immediately, administrators should apply mitigations similar to those for Dirty Frag: disable ESP (esp4, esp6), restrict local shell access, strengthen monitoring for privilege-escalation behaviour, and tighten container security.<\/p>\n<p>Notably, AppArmor can help reduce part of the risk, but it is not enough to fully prevent exploitation. 
Because it requires no initial privileges, Fragnesia is a significant threat in multi-user environments or shared systems.<\/p>\n<p>In addition, information from underground forums indicates that a Linux LPE zero-day exploit tool is being offered for sale for up to 170,000 USD, pointing to a growing trend of exploiting kernel vulnerabilities for targeted attacks. Timely patching and deploying layered defences are therefore key to reducing risk.<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>A new variant in the family of local privilege escalation (LPE) vulnerabilities on Linux has just been disclosed, showing that the attack surface of this operating system's kernel is being exploited repeatedly within a short period. 
The new vulnerability, named Fragnesia and tracked as CVE-2026-46300 with a CVSS score of 7.8, [&hellip;]<\/p>\n","protected":false},"author":20,"featured_media":47945,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"tdm_status":"","tdm_grid_status":"","footnotes":""},"categories":[3,24,35],"tags":[],"class_list":["post-47944","post","type-post","status-publish","format-standard","has-post-thumbnail","category-canh-bao-khuyen-nghi","category-tin-noi-bat","category-tin-tuc-su-kien"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/47944","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/users\/20"}],"replies":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/comments?post=47944"}],"version-history":[{"count":1,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/47944\/revisions"}],"predecessor-version":[{"id":47946,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/47944\/revisions\/47946"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/media\/47945"}],"wp:attachment":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/media?parent=47944"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/categories?post=47944"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/tags?post=47944"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}