DomainsCoZa incident

Dirty Frag Vulnerability – Secure Your VPS

Critical Resolved View vendor source →

DomainsCoZa experienced a critical incident on May 8, 2026 affecting VPS Hosting, lasting 7d 13h. The incident has been resolved; the full update timeline is below.

Started
May 08, 2026, 06:22 AM UTC
Resolved
May 15, 2026, 07:32 PM UTC
Duration
7d 13h
Detected by Pingoru
May 08, 2026, 06:22 AM UTC

Affected components

VPS Hosting

Update timeline

  1. identified May 08, 2026, 06:22 AM UTC

    The linked repo is the public PoC and disclosure for Dirty Frag (a universal Linux local privilege escalation via page-cache corruption in xfrm-ESP and RxRPC paths). It affects most major distros with no upstream patches yet (as of May 2026), but has a simple module-blacklist mitigation. https://github.com/V4bel/dirtyfrag/tree/master *Quick Mitigation Reminder* Run this on each affected system: sh -c "printf 'install esp4 /bin/false\ninstall esp6 /bin/false\ninstall rxrpc /bin/false\n' > /etc/modprobe.d/dirtyfrag.conf; rmmod esp4 esp6 rxrpc 2>/dev/null; true" Then reboot or drop caches. This breaks IPsec and RxRPC/AFS usage if you rely on them. Watch for kernel updates from your distro.

  2. resolved May 15, 2026, 07:32 PM UTC

    This incident has been resolved.