Fragnesia LPE Uses Kernel Page Cache to Grant Root Access (CVE-2026-46300)

May 14, 2026 at 01:21 PM

•

1 min read

Fragnesia LPE Uses Kernel Page Cache to Grant Root Access (CVE-2026-46300) — Photo: The Hacker News

TL;DR Summary

A new Linux kernel local privilege escalation called Fragnesia (CVE-2026-46300) targets the XFRM ESP-in-TCP subsystem to corrupt the kernel page cache and convert unprivileged users into root. A PoC has been released, advisories have been issued by major distros, and patches are available. Users should patch promptly or apply Dirty Frag mitigations (e.g., disable esp4/esp6 and harden containers) while monitoring for escalation attempts. A threat actor, berz0k, is advertising a zero-day LPE exploit for sale on cybercrime forums.

Topics:technology #cve-2026-46300 #esp-in-tcp #linux-kernel #page-cache #privilege-escalation #security

Share this article

New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption The Hacker News
Fragnesia: Linux Kernel Local Privilege Escalation via ESP-in-TCP wiz.io
How Cloudflare responded to the “Copy Fail” Linux vulnerability The Cloudflare Blog
Active attack: Dirty Frag Linux vulnerability expands post-compromise risk Microsoft
Dirty Frag gets a sequel as Fragnesia hands Linux attackers root-level access The Register

Reading Insights

Total Reads

Unique Readers

Time Saved

2 min

vs 3 min read

Condensed

84%

475 → 78 words

Want the full story? Read the original article

Read on The Hacker News

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights