Dirty Frag LPE Hits Linux Distributions Worldwide Hard
Dirty Frag LPE Hits Linux Distributions Worldwide Hard
https://thecyberexpress.com/dirty-frag-linux-lpe-cve-2026-31431/
Publish Date: 2026-05-08 04:26:00
Source Domain: thecyberexpress.com
A newly disclosed local privilege escalation (LPE) vulnerability known as Dirty Frag is raising serious concerns across the Linux ecosystem after researchers revealed that the flaw can grant root access to most major Linux distributions. The vulnerability, which currently remains unpatched, has been described as a successor to the previously disclosed Copy Fail flaw tracked as CVE-2026-31431.
Security researcher Hyunwoo Kim, also known online as @v4bel, publicly disclosed the issue after what he described as a breakdown in the coordinated disclosure and embargo process. The vulnerability was initially reported to Linux kernel maintainers on April 30, 2026, but no official fixes or CVE identifiers had been assigned at the time of disclosure.
According to Kim, Dirty Frag is not a single bug but a vulnerability class capable of achieving root privileges across many Linux distributions by chaining together two separate flaws: the xfrm-ESP Page-Cache Write vulnerability and the RxRPC Page-Cache Write vulnerability.
Kim explained in his technical write-up:
“Dirty Frag is a vulnerability (class) that achieves root privileges on most Linux distributions by chaining the xfrm-ESP Page-Cache Write vulnerability and the RxRPC Page-Cache Write vulnerability.”
He further noted that Dirty Frag extends the same bug class associated with Dirty Pipe and Copy Fail (CVE-2026-31431). Unlike race-condition-based attacks, Dirty Frag operates through a deterministic logic flaw, making exploitation more reliable.
“Because it is a deterministic logic bug that does not depend on a timing window, no race condition is required, the kernel does not panic when the exploit fails, and the success rate is very high.”
Dirty Frag Targets Multiple Linux Distributions
The new LPE vulnerability affects a broad range of Linux distributions, including Ubuntu 24.04.4, RHEL 10.1, openSUSE Tumbleweed, CentOS Stream 10, AlmaLinux 10, and Fedora 44….
