#セキュリティ

Linux Dirty Frag (CVE-2026-43284) Gets Root Through ESP and RxRPC Page Cache Writes

Dirty Frag is a local privilege escalation that writes to the Linux page cache via ESP-in-UDP and RxRPC receive paths. The algif_aead workaround from Copy Fail doesn't help, and the two attack paths complement each other to bypass Ubuntu's AppArmor restrictions on user namespaces.

Stripe Checkout Price Tampering Vulnerability

If your Stripe Checkout endpoint takes amount or priceId from the request body, users can swap prices and plans. Pin pricing decisions to the server.

Linux Kernel Copy Fail (CVE-2026-31431) Rewrites the Page Cache to Get Root

CVE-2026-31431 Copy Fail is a Linux kernel local privilege escalation bug that lets an unprivileged user write 4 controlled bytes into the page cache via AF_ALG + algif_aead. On containers and CI runners it turns into host compromise.

Rescuing exifr's broken GPS parsing on iPhone 17 HEIC with a browser-only fallback

iPhone 17's HEIC adds new brand identifiers to the ftyp box, pushing it past exifr's hard-coded 50-byte guard. Here's a dynamic-import fallback to ExifReader, plus Null Island filtering and iloc pre-inspection to harden browser-only photo tools.