Another Day, Another Local Privilege Escalation Vulnerability in Linux: Meet Fragnesia
Publish Date: 2026-05-14 07:09:00
Source Domain: www.hackster.io
Security researcher William Bowling has warned of yet another universal local privilege escalation (LPE) vulnerability in the Linux kernel, dubbed Fragnesia — the fourth to be publicly disclosed in just two weeks.
“[Fragnesia] abuses a logic bug in the Linux XFRM ESP-in-TCP subsystem to achieve arbitrary byte writes into the kernel page cache of read-only files,” Bowling explains of the flaw, “without requiring any race condition. The core bug is [that] the skb [Socket Buffer] ‘forgets’ that a frag[mented network packet] is shared during coalescing.”
Dirty Frag strikes again, with the related but distinct Fragnesia local privilege escalation vulnerability. (📹: William Bowling)
Fragnesia is the fourth easily-exploited local privilege escalation vulnerability to have been publicly disclosed in the last two weeks, after Copy Fail, and the follow-up Copy Fail 2: Electric Boogaloo, opened the floodgates. While related, as the name implies, to Dirty Frag, it’s a distinct bug in and of itself and requires a different patch — though the same mitigation as used for unpatched Dirty Frag-vulnerable systems applies to Fragnesia too.
Like its predecessor, though, it’s only a local vulnerability: it allows anyone who already has access to an affected system to escalate their privileges up to the root, or superuser, level, gaining complete control — but it can’t be remotely exploited to gain initial access to an otherwise-protected system. That’s likely little comfort given how simple the bug is to exploit, though: a small C program is enough to drop any user into a root shell.
As distribution maintainers and system vendors begin to release patches, those running unpatched kernels — any version of Linux released before May 13 2026 — are advised to apply the same mitigation as for Dirty Frag: remove the affected modules with rmmod esp4 esp6 rxrpc and prevent them from loading again with printf 'install esp4 /bin/false\ninstall esp6 /bin/false\ninstall rxrpc…
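To confirm the mitigation described above is actually in effect on a host, the shell script below (an added example, not code from the article or from Bowling) reports whether esp4, esp6 and rxrpc are still loaded and whether a modprobe rule blocks each one. It assumes the rules live in *.conf files under /etc/modprobe.d and use the install <module> /bin/false form for all three modules; the function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the module mitigation for Dirty Frag / Fragnesia.
# Assumption: each module is blocked with an "install <module> /bin/false" line.
MODULES="esp4 esp6 rxrpc"

# is_loaded MODULE PROC_MODULES_FILE: succeeds if MODULE is currently loaded.
is_loaded() {
    awk -v m="$1" '$1 == m { hit = 1 } END { exit !hit }' "$2"
}

# is_blocked MODULE MODPROBE_DIR: succeeds if a non-comment
# "install MODULE /bin/false" line exists in any *.conf file there.
is_blocked() {
    for f in "$2"/*.conf; do
        [ -f "$f" ] || continue
        awk -v m="$1" '$1 == "install" && $2 == m && $3 == "/bin/false" { hit = 1 }
                       END { exit !hit }' "$f" && return 0
    done
    return 1
}

# audit [PROC_MODULES_FILE] [MODPROBE_DIR]: prints one line per module and
# returns the number of modules that are still loaded or not blocked.
audit() {
    proc="${1:-/proc/modules}"; dir="${2:-/etc/modprobe.d}"; gaps=0
    for m in $MODULES; do
        loaded=no; blocked=no
        is_loaded "$m" "$proc" && loaded=yes
        is_blocked "$m" "$dir" && blocked=yes
        echo "$m loaded=$loaded blocked=$blocked"
        if [ "$loaded" = yes ] || [ "$blocked" = no ]; then gaps=$((gaps + 1)); fi
    done
    return "$gaps"
}

# Constructed sample state: esp4 still loaded, rxrpc rule commented out.
demo=$(mktemp -d)
printf 'esp4 28672 0 - Live 0x0000000000000000\nxfrm_user 61440 2 - Live 0x0000000000000000\n' > "$demo/modules"
printf 'install esp4 /bin/false\ninstall esp6 /bin/false\n# install rxrpc /bin/false\n' > "$demo/block.conf"
audit "$demo/modules" "$demo" || echo "modules needing attention: $?"
rm -rf "$demo"
```

Calling audit with no arguments checks the live /proc/modules and /etc/modprobe.d; other modprobe configuration directories are not searched.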