[OpenAFS] dirtyflag vulnerability and OpenAFS
Matteo Fois
matteo.fois@enea.it
Fri, 8 May 2026 08:33:33 +0000
Good Morning,
I'm a researcher at ENEA (Italy) and we use the OpenAFS filesystem extensively in our facilities.
This morning we discovered the dirtyflags vulnerability (https://github.com/V4bel/dirtyfrag) and quickly patched our machines.
The patch works by blacklisting and removing the following kernel modules: esp4 esp6 rxrpc
We understand that the last module, rxrpc, is used by OpenAFS (https://docs.kernel.org/networking/rxrpc.html).
We are able to use the filesystem and it seems to be working properly after the patch, but we were wondering if there are more subtle side effects, for example in performance.
Also, we were curious to know what happens if one uses the kafs kernel module instead of the OpenAFS client: does the blacklisted module create any problem?
Thanks,
Matteo
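An added example, not part of the original message: a shell check that the module blocking described above is actually in effect for esp4, esp6 and rxrpc. It assumes the blocking is done with modprobe.d-style rule files; a `blacklist` line only suppresses alias-based autoloading, while an `install <module> /bin/false` line also makes an explicit `modprobe` fail, and neither unloads a module that is already resident. Function names, verdict words and the sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original message): audit whether esp4, esp6 and
# rxrpc are really blocked. Assumes modprobe.d-style rule files; the directory
# and module-list file are parameters so it also runs on constructed samples.

# rule_kind CONF_DIR MODULE -> prints install | blacklist | none
rule_kind() {
    cat "$1"/*.conf 2>/dev/null | awk -v m="$2" '
        /^[ \t]*#/ { next }                       # skip comment lines
        $1 == "install" && $2 == m && $3 ~ /^(\/usr)?\/bin\/(false|true)$/ { inst = 1 }
        $1 == "blacklist" && $2 == m { bl = 1 }
        END { print inst ? "install" : (bl ? "blacklist" : "none") }'
}

# is_loaded MODULES_FILE MODULE -> exit 0 if MODULE is listed (/proc/modules format)
is_loaded() {
    awk -v m="$2" '$1 == m { f = 1 } END { exit f ? 0 : 1 }' "$1"
}

# module_status CONF_DIR MODULES_FILE MODULE -> prints one verdict word
module_status() {
    kind=$(rule_kind "$1" "$3")
    if is_loaded "$2" "$3"; then
        echo "still-loaded"      # a rule does not unload a resident module
    elif [ "$kind" = install ]; then
        echo "blocked"           # explicit modprobe and dependency loads fail too
    elif [ "$kind" = blacklist ]; then
        echo "autoload-only"     # alias autoload suppressed, modprobe by name works
    else
        echo "unblocked"
    fi
}

# make_sample DIR: constructed sample data, not taken from a real host
make_sample() {
    mkdir -p "$1/modprobe.d"
    printf '%s\n' '# constructed sample' 'install esp4 /bin/false' \
        'blacklist esp4' 'blacklist esp6' 'install rxrpc /bin/false' \
        > "$1/modprobe.d/sample.conf"
    printf '%s\n' 'rxrpc 1 0 - Live 0x0' 'xfs 1 1 - Live 0x0' > "$1/modules"
}

# audit CONF_DIR MODULES_FILE; on a real host: audit /etc/modprobe.d /proc/modules
audit() {
    for m in esp4 esp6 rxrpc; do
        printf '%s: %s\n' "$m" "$(module_status "$1" "$2" "$m")"
    done
}
```

Rule files kept in other directories are not read unless that directory is passed as `CONF_DIR` in a separate call.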