{"id":15508,"date":"2026-05-08T11:22:47","date_gmt":"2026-05-08T08:22:47","guid":{"rendered":"https:\/\/www.inetmar.com\/blog\/?p=15508"},"modified":"2026-05-08T11:37:21","modified_gmt":"2026-05-08T08:37:21","slug":"linux-kernelda-kritik-dirty-frag-zafiyeti-tespit-edildi","status":"publish","type":"post","link":"https:\/\/www.inetmar.com\/blog\/linux-kernelda-kritik-dirty-frag-zafiyeti-tespit-edildi\/","title":{"rendered":"Linux Kernel&#8217;da Kritik &#8220;Dirty Frag&#8221; Zafiyeti Tespit Edildi!"},"content":{"rendered":"<p>Linux kernel ekosisteminde, sistem y\u00f6neticilerini teyakkuza ge\u00e7iren <strong>&#8220;Dirty Frag&#8221;<\/strong> kod adl\u0131 yeni bir yerel yetki y\u00fckseltme (LPE) a\u00e7\u0131\u011f\u0131 rapor edildi. Bu zafiyet, sald\u0131rganlar\u0131n standart kullan\u0131c\u0131 yetkilerinden s\u0131yr\u0131larak do\u011frudan <strong>root<\/strong> eri\u015fimi elde etmelerine imkan tan\u0131yor.<\/p>\n<h3>Zafiyetin Arka Plan\u0131 ve Teknik Detaylar\u0131<\/h3>\n<p>Dirty Frag asl\u0131nda Linux d\u00fcnyas\u0131n\u0131n yabanc\u0131 olmad\u0131\u011f\u0131 bir sald\u0131r\u0131 silsilesinin son halkas\u0131. 2022&#8217;deki me\u015fhur <strong>&#8220;Dirty Pipe&#8221; (CVE-2022-0847)<\/strong> ve ge\u00e7ti\u011fimiz g\u00fcnlerde g\u00fcndeme oturan <strong>&#8220;Copy\/Fail&#8221; (CVE-2026-31431)<\/strong> a\u00e7\u0131klar\u0131n\u0131n bir devam\u0131 niteli\u011finde.<\/p>\n<ul>\n<li><strong>Temel Mant\u0131k:<\/strong> Sald\u0131rganlar, \u00e7ekirde\u011fin bir ikili dosyay\u0131 (binary) y\u00fcklerken okudu\u011fu <strong>sayfa \u00f6nbelle\u011fini (page cache)<\/strong> manip\u00fcle ediyor.<\/li>\n<li><strong>Kapsam:<\/strong> Linux \u00e7ekirde\u011finin 4.14 ve sonras\u0131 (2017&#8217;den g\u00fcn\u00fcm\u00fcze) t\u00fcm s\u00fcr\u00fcmleri bu risk alt\u0131nda.<\/li>\n<li><strong>Durum:<\/strong> 7 May\u0131s 2026&#8217;da duyurulan bu a\u00e7\u0131k i\u00e7in hen\u00fcz resmi CVE kodu &#8220;Dirty Frag&#8221; \u00f6zelinde g\u00fcncellenme a\u015famas\u0131nda olsa da, ana da\u011f\u0131t\u0131mlar\u0131n (Ubuntu, AlmaLinux, CloudLinux) m\u00fchendislik ekipleri konu \u00fczerinde \u00e7al\u0131\u015f\u0131yor.<\/li>\n<\/ul>\n<h3>Etkilenen \u0130\u015fletim Sistemleri<\/h3>\n<p>\u015eu an itibar\u0131yla a\u015fa\u011f\u0131daki sistemlerin savunmas\u0131z oldu\u011fu teyit edilmi\u015ftir:<\/p>\n<table border=\"1\">\n<thead>\n<tr>\n<th>Da\u011f\u0131t\u0131m Grubu<\/th>\n<th>Versiyonlar<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><strong>Ubuntu<\/strong><\/td>\n<td>20.04, 22.04, 24.04 LTS<\/td>\n<\/tr>\n<tr>\n<td><strong>AlmaLinux \/ Rocky<\/strong><\/td>\n<td>8, 9 ve 10<\/td>\n<\/tr>\n<tr>\n<td><strong>CloudLinux<\/strong><\/td>\n<td>7 Hybrid, 8, 9 ve 10<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h3>Ge\u00e7ici \u00c7\u00f6z\u00fcm<\/h3>\n<p>Resmi yamalar yay\u0131nlanana kadar <a href=\"https:\/\/www.inetmar.com\/sunucu\/\" target=\"_blank\" rel=\"noopener\">sunucu<\/a> hizmetlerinizi g\u00fcvence alt\u0131na almak i\u00e7in zafiyete kap\u0131 aralayan belirli kernel mod\u00fcllerini devre d\u0131\u015f\u0131 b\u0131rakman\u0131z ve \u00f6nbelle\u011fi temizlemeniz \u00f6nerilmektedir.<\/p>\n<p><strong>1. Mod\u00fclleri Devre D\u0131\u015f\u0131 B\u0131rakma:<\/strong><\/p>\n<p>Root yetkisiyle a\u015fa\u011f\u0131daki komutu \u00e7al\u0131\u015ft\u0131rarak riskli protokollerin y\u00fcklenmesini engelleyin:<\/p>\n<pre><code>sh -c \"printf 'install esp4 \/bin\/false\\ninstall esp6 \/bin\/false\\ninstall rxrpc \/bin\/false\\n' &gt; \/etc\/modprobe.d\/dirtyfrag.conf; rmmod esp4 esp6 rxrpc 2&gt;\/dev\/null; true\"<\/code><\/pre>\n<p><strong>2. Sayfa \u00d6nbelle\u011fini Temizleme:<\/strong><\/p>\n<p>Bellekteki olas\u0131 manip\u00fclasyonlar\u0131 ortadan kald\u0131rmak i\u00e7in \u00f6nbelle\u011fi \u015fu komutla bo\u015falt\u0131n:<\/p>\n<pre><code>echo 3 &gt; \/proc\/sys\/vm\/drop_caches<\/code><\/pre>\n<p><strong>\u00d6nemli Not:<\/strong> Bu i\u015flemler sunucunuzda IPsec (esp) veya \u00f6zel RPC (rxrpc) protokollerini kullanan servisleri etkileyebilir. Uygulamadan \u00f6nce servis ba\u011f\u0131ml\u0131l\u0131klar\u0131n\u0131z\u0131 kontrol etmeniz tavsiye ederiz.<\/p>\n<h3><\/h3>\n<p>\u015eu an i\u00e7in CloudLinux ve AlmaLinux taraf\u0131nda \u00f6n duyurular yap\u0131lm\u0131\u015f durumda. G\u00f6z\u00fcn\u00fcz sistem g\u00fcncellemelerinde (yum update \/ apt upgrade) olsun resmi yamalar yay\u0131nland\u0131\u011f\u0131 anda bu ge\u00e7ici \u00f6nlemleri kald\u0131r\u0131p kernel g\u00fcncellemesini tamamlamak en kal\u0131c\u0131 \u00e7\u00f6z\u00fcm olacakt\u0131r.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Linux kernel ekosisteminde, sistem y\u00f6neticilerini teyakkuza ge\u00e7iren &#8220;Dirty Frag&#8221; kod adl\u0131 yeni bir yerel yetki y\u00fckseltme (LPE) a\u00e7\u0131\u011f\u0131 rapor edildi. Bu zafiyet, sald\u0131rganlar\u0131n standart kullan\u0131c\u0131 yetkilerinden s\u0131yr\u0131larak do\u011frudan root eri\u015fimi elde etmelerine imkan tan\u0131yor. Zafiyetin&#46;&#46;&#46;<\/p>\n","protected":false},"author":2,"featured_media":15514,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[52,46],"tags":[],"class_list":["post-15508","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-guvenlik","category-sunucu"],"_links":{"self":[{"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/posts\/15508","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/comments?post=15508"}],"version-history":[{"count":5,"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/posts\/15508\/revisions"}],"predecessor-version":[{"id":15515,"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/posts\/15508\/revisions\/15515"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/media\/15514"}],"wp:attachment":[{"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/media?parent=15508"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/categories?post=15508"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/tags?post=15508"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}