New Dirty Frag Exploit Puts Millions of Linux Systems at Risk

Staff Editor 2026-05-08
New Dirty Frag Exploit Puts Millions of Linux Systems at Risk

New Dirty Frag Exploit Puts Millions of Linux Systems at Risk

https://sqmagazine.co.uk/dirty-frag-linux-root-exploit-major-distros/

Publish Date: 2026-05-08 06:34:00

Source Domain: sqmagazine.co.uk

A newly disclosed Linux vulnerability called Dirty Frag is putting millions of systems at risk by allowing attackers to gain instant root access across major Linux distributions without needing complicated attack methods.

Quick Summary – TLDR:

  • Dirty Frag is a newly disclosed Linux privilege escalation vulnerability affecting systems dating back to 2017.
  • The exploit gives attackers immediate root access with a simple local command.
  • No official patches are currently available because the vulnerability disclosure embargo was reportedly broken early.
  • Ubuntu, Fedora, RHEL, CentOS Stream, AlmaLinux, Arch, and openSUSE are among the affected distributions.

What Happened?

A serious new Linux security flaw named Dirty Frag has been publicly disclosed after an embargo surrounding the vulnerability reportedly collapsed ahead of schedule. Security researchers say the exploit allows local users to gain full administrator privileges on vulnerable Linux systems almost instantly.

The issue has raised concern across the Linux community because no official fixes were ready when details of the exploit became public. Researchers also confirmed that the vulnerability affects most major Linux distributions released over the last several years.

💥 Introducing “Dirty Frag”

A universal Linux LPE chaining two vulns in xfrm-ESP and RxRPC. A successor class to Dirty Pipe & Copy Fail.

No race, no panic on failure, fully deterministic. ~9 years latent.
Ubuntu / RHEL / Fedora / openSUSE / CentOS / AlmaLinux, and more.

Even… pic.twitter.com/2pfLnD77zy

— V4bel (@v4bel) May 7, 2026

Dirty Frag Uses Similar Techniques to Copy Fail

The newly discovered exploit belongs to the same vulnerability class as the recently disclosed Copy Fail and older Dirty Pipe Linux vulnerabilities. All three exploit weaknesses tied to Linux page cache operations, which attackers can abuse to overwrite protected files in memory.

According to security researcher Hyunwoo Kim,…

Source

More Stories

“Flatten The Pick” Linux Patches Progress For Better cgroup Scheduling While Linux Gaming

“Flatten The Pick” Linux Patches Progress For Better cgroup Scheduling While Linux Gaming

Staff Editor 2026-06-07
Linux 7.1-rc7 Adding More AMD Zen 6 CPU Models

Linux 7.1-rc7 Adding More AMD Zen 6 CPU Models

Staff Editor 2026-06-07
Some Broadcom V3D Graphics Support On Path For Removed Over Lack Of Testing

Some Broadcom V3D Graphics Support On Path For Removed Over Lack Of Testing

Staff Editor 2026-06-07

Terms and Conditions - Privacy Policy