cve-toolkit

CVE helper toolkit
git clone git://git.finwo.net/app/cve-toolkit
Log | Files | Refs | README | LICENSE
commit 97a264a39779c9e72c96a27bdf400eb9afa7ddca
parent 3a04c9757c7dbacb0d848a38a27cb45f2bc3b3a1
Author: finwo <finwo@pm.me>
Date:   Thu,  7 May 2026 23:00:19 +0200

Include cache drop in the remediation text for dirtyfrag

Diffstat:

Msrc/detector/dirtyfrag.c | 2+-


1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/detector/dirtyfrag.c b/src/detector/dirtyfrag.c
@@ -2007,7 +2007,7 @@ __attribute__((constructor)) void detector_dirtyfrag_setup(void) {
                         "Run the following to blacklist vulnerable modules:\n"
                         "  sh -c \"printf 'install esp4 /bin/false\\ninstall esp6 /bin/false\\n"
                         "install rxrpc /bin/false\\n' > /etc/modprobe.d/dirtyfrag.conf; "
-                        "rmmod esp4 esp6 rxrpc 2>/dev/null; true\"\n"
+                        "rmmod esp4 esp6 rxrpc 2>/dev/null ; echo 3 > /proc/sys/vm/drop_caches; true\"\n"
                         "  Then update your kernel once distribution patches are available.",
                         detector_dirtyfrag);
 }