{"id":242078,"date":"2026-05-08T10:13:00","date_gmt":"2026-05-08T14:13:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/05\/08\/dirty-frag-unpatched-linux-vulnerability-delivers-root-access\/"},"modified":"2026-05-09T01:10:13","modified_gmt":"2026-05-09T05:10:13","slug":"dirty-frag-unpatched-linux-vulnerability-delivers-root-access","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/05\/08\/dirty-frag-unpatched-linux-vulnerability-delivers-root-access\/","title":{"rendered":"Dirty Frag: Unpatched Linux vulnerability delivers root access"},"content":{"rendered":"<p><a href=\"https:\/\/www.helpnetsecurity.com\/2026\/05\/08\/dirty-frag-linux-vulnerability-cve-2026-43284-cve-2026-43500\/\">Dirty Frag: Unpatched Linux vulnerability delivers root access<\/a><\/p>\n<p><a href=\"https:\/\/www.helpnetsecurity.com\/2026\/05\/08\/dirty-frag-linux-vulnerability-cve-2026-43284-cve-2026-43500\/\">https:\/\/www.helpnetsecurity.com\/2026\/05\/08\/dirty-frag-linux-vulnerability-cve-2026-43284-cve-2026-43500\/<\/a><\/p>\n<p>Publish Date: 2026-05-08 10:13:00<\/p>\n<p>Source Domain: <a href=\"www.helpnetsecurity.com\">www.helpnetsecurity.com<\/a><\/p>\n<p>A week after Copy Fail, another Linux local privilege escalation vulnerability dubbed \u201cDirty Frag\u201d has been revealed, along with a PoC exploit.<\/p>\n<h3>What is Dirty Frag<\/h3>\n<p>In effect, Dirty Frag refers to two flaws:<\/p>\n<ul>\n<li>A <strong>xfrm-ESP Page-Cache Write<\/strong> vulnerability (CVE-2026-43284, aka Copy Fail 2.0), now patched in the Linux kernel, affects the modules supporting one of the protocols used for IPsec.<\/li>\n<li>A <strong>RxRPC Page-Cache Write<\/strong> vulnerability (CVE number reserved: CVE-2026-43500), currently unpatched, affects the modules that provide support for RxRPC, a protocol used for the AFS distributed file system.<\/li>\n<\/ul>\n<p>Vulnerability researcher Hyunwoo Kim (aka 
\u201cV4bel\u201d) privately reported both flaws to the Linux kernel maintainers on April 29-30, 2026, and submitted patches for them to the mailing list for Linux kernel networking development (\u201cnetdev\u201d).<\/p>\n<p>On May 7, he submitted detailed information about the vulnerabilities and the exploit to the private, members-only mailing list used for coordinating security vulnerability disclosure across Linux distributions.<\/p>\n<p>That same day, \u201can unrelated third party\u201d published the details and the exploit for one of the flaws so, \u201cafter obtaining agreement from distribution maintainers,\u201d Kim got the go-ahead to fully disclose Dirty Frag.<\/p>\n<p>The consequence of the third-party leak during the embargo period is that CVE-2026-43500 has yet to be patched in the Linux kernel, and fixes haven\u2019t been made available to users of various affected Linux distributions: Red Hat Enterprise Linux, AlmaLinux, Debian, Ubuntu, Fedora, Arch Linux, CentOS, CloudLinux, Amazon Linux, and others.<\/p>\n<h3>Patches in the works, mitigations available<\/h3>\n<p>\u201cAn interesting factor of Dirty Frag is that chaining the two sub-vulnerabilities covers each other\u2019s blind spots,\u201d SANS ISC handler Yee Ching Tok explained.<\/p>\n<p>\u201cAs described in [Hyunwoo Kim\u2019s] write-up, neither the xfrm-ESP Page-Cache Write nor the RxRPC Page-Cache Write alone provides a sufficiently reliable&#8230;<\/p>\n<p><a href=\"https:\/\/www.helpnetsecurity.com\/2026\/05\/08\/dirty-frag-linux-vulnerability-cve-2026-43284-cve-2026-43500\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Dirty Frag: Unpatched Linux vulnerability delivers root access https:\/\/www.helpnetsecurity.com\/2026\/05\/08\/dirty-frag-linux-vulnerability-cve-2026-43284-cve-2026-43500\/ Publish Date: 2026-05-08 10:13:00 Source 
Domain:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":242079,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/img.helpnetsecurity.com\/wp-content\/uploads\/2024\/10\/07141728\/linux-fire-1.webp","fifu_image_alt":"","footnotes":""},"categories":[48],"tags":[143,99,144,177,90,91,31,97,71,94,57,79,27],"class_list":["post-242078","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux","tag-almalinux","tag-arch-linux","tag-centos","tag-cloudlinux","tag-cve","tag-debian","tag-exploit","tag-fedora","tag-linux","tag-red-hat-enterprise-linux","tag-security","tag-ubuntu","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/242078"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=242078"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/242078\/revisions"}],"predecessor-version":[{"id":242080,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/242078\/revisions\/242080"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/242079"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=242078"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=242078"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=242078"}],"curies":[{
"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}