{"uuid": "7f83777f-2c93-4368-b240-c8007147b7c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43500", "type": "seen", "source": "https://gist.github.com/bottiger1/83d95b500a135a7283504995082a87dd", "content": "#!/usr/bin/env bash\n# CVE-2026-31431 (Copy Fail) | CVE-2026-43284 / CVE-2026-43500 (Dirty Frag)\nset -euo pipefail\n\nRED='\\033[0;31m'; YEL='\\033[1;33m'; GRN='\\033[0;32m'; NC='\\033[0m'\nok()   { echo -e \"  [${GRN}OK${NC}]   $*\"; }\nwarn() { echo -e \"  [${YEL}WARN${NC}] $*\"; }\nerr()  { echo -e \"  [${RED}FAIL${NC}] $*\"; }\n\nCONF=\"/etc/modprobe.d/dirtyfrag.conf\"\nMODS=(algif_aead esp4 esp6 rxrpc)\n\n[[ $EUID -eq 0 ]] || { err \"Run as root\"; exit 1; }\n\nprintf 'install %s /bin/false\\n' \"${MODS[@]}\" > \"$CONF\"\nok \"Wrote $CONF\"\n\nfor mod in \"${MODS[@]}\"; do\n    if lsmod | grep -q \"^${mod} \"; then\n        rmmod \"$mod\" 2>/dev/null && ok \"Unloaded $mod\" || warn \"Could not unload $mod \u2014 reboot needed\"\n    else\n        ok \"Not loaded: $mod\"\n    fi\ndone\n\necho -e \"\\nVerification:\"\nall_ok=true\nfor mod in \"${MODS[@]}\"; do\n    grep -q \"install ${mod} /bin/false\" \"$CONF\" 2>/dev/null \\\n        && ok \"Blocked: $mod\" || { err \"Rule missing: $mod\"; all_ok=false; }\n    lsmod | grep -q \"^${mod} \" \\\n        && { warn \"Still loaded: $mod \u2014 reboot required\"; all_ok=false; }\ndone\n\n$all_ok && echo -e \"\\n${GRN}\u2714 Done.${NC}\" || echo -e \"\\n${YEL}\u26a0 Reboot to complete.${NC}\"", "creation_timestamp": "2026-05-09T20:54:35.000000Z"}