Hyunwoo Kim has announced
the Dirty
Frag security flaw, a
local-privilege-escalation (LPE) vulnerability similar to the
recently disclosed Copy Fail
flaw:

Because the embargo has now been broken, no patches or CVEs exist for 
these vulnerabilities. After consultation with the linux-distros@vs.openwall.org
maintainers, and at the maintainers' request, I am publicly releasing this 
Dirty Frag document.

As with the previous Copy Fail vulnerability, Dirty Frag likewise allows 
immediate root privilege escalation on all major distributions.

Kim, who discovered the flaw and had attempted a coordinated
disclosure set for May�12, has released the code for an exploit, as well as a
example
script to remove the vulnerable modules. A full
write-up, with the disclosure timeline, is also available. It's
unknown at this time whether this is an example of parallel discovery
or how the third party was able to disclose it prior to the end of the
embargo. We will be following up as more information comes to light.

https://lwn.net/Articles/1071719/
--- SBBSecho 3.37-Linux
 * Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (618:250/24)