Dirty Frag LPE Chains Two Kernel Flaws to Root Across Major Linux Distros

May 8, 2026 at 01:24 PM

•

1 min read

Dirty Frag LPE Chains Two Kernel Flaws to Root Across Major Linux Distros — Photo: The Hacker News

TL;DR Summary

Security researchers have disclosed Dirty Frag, a new unpatched Linux kernel local privilege escalation that chains two bugs—xfrm-ESP Page-Cache Write and RxRPC Page-Cache Write—to grant root on most distributions (e.g., Ubuntu 24.04.4, RHEL 10.1, Fedora 44). There is no CVE yet, and a working PoC exists; exploits are being weaponized in the wild. Patches are not yet available, so admins are advised to block esp4, esp6, and rxrpc modules until fixes arrive. The flaw sits in in-place decryption paths for paged fragments in esp4/esp6/rxrpc, allowing plaintext access and privilege escalation even if other mitigations like algif_aead are in use.

Topics:technology #dirty-frag #linux-kernel #local-privilege-escalation #rxrpc #security #xfrm

Share this article

Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions The Hacker News
CVE-2026-31431: Copy Fail vulnerability enables Linux root privilege escalation across cloud environments Microsoft
CISA Warning: High-Severity Linux Flaw Puts Unpatched Systems at Risk TechRepublic
‘Copy Fail’ is a real Linux security crisis wrapped in AI slop CyberScoop
How Cloudflare responded to the “Copy Fail” Linux vulnerability The Cloudflare Blog

Reading Insights

Total Reads

Unique Readers

Time Saved

3 min

vs 4 min read

Condensed

86%

694 → 99 words

Want the full story? Read the original article

Read on The Hacker News

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights