Fragnesia: Local Linux kernel flaw lets unprivileged users gain root access

May 13, 2026 at 05:11 PM

•

1 min read

Fragnesia: Local Linux kernel flaw lets unprivileged users gain root access — Photo: CyberSecurityNews

TL;DR Summary

Security researchers disclosed Fragnesia, a local privilege-escalation vulnerability in the Linux kernel (Dirtyfrag family) that lets an unprivileged user escalate to root by abusing ESP-in-TCP ULP handling and corrupting the kernel page cache, effectively enabling an in-memory overwrite of /usr/bin/su to spawn a root shell without altering on-disk binaries. The flaw affects virtually all kernels affected by Dirtyfrag up to May 13, 2026; upstream patches exist, but unpatched systems remain at risk. Mitigations include unloading/disabling the affected ESP modules (esp4, esp6, rxrpc) via a dirtyfrag.conf and flushing caches or rebooting to drop the modified page cache. A public PoC on GitHub lowers the barrier to exploitation, so applying the patch promptly is critical.

Topics:technology #cyber-security #dirtyfrag #fragnesia #linux-kernel #privilege-escalation #upstream-patch

Share this article

Fragnesia Linux Vulnerability Let Attackers Gain Root Privileges – PoC Released CyberSecurityNews
Active attack: Dirty Frag Linux vulnerability expands post-compromise risk Microsoft
Fragnesia: Linux Kernel Local Privilege Escalation via ESP-in-TCP wiz.io
'Dirty Frag' Exploit Poised to Blow Up on Enterprise Linux Distros Dark Reading
Linux bitten by second severe vulnerability in as many weeks Ars Technica

Reading Insights

Total Reads

Unique Readers

Time Saved

57 min

vs 58 min read

Condensed

99%

11,447 → 113 words

Want the full story? Read the original article

Read on CyberSecurityNews

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights