{"id":243586,"date":"2026-05-11T08:02:00","date_gmt":"2026-05-11T12:02:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/05\/11\/new-dirty-frag-exploit-targets-linux-kernel-for-root-access\/"},"modified":"2026-05-11T08:25:07","modified_gmt":"2026-05-11T12:25:07","slug":"new-dirty-frag-exploit-targets-linux-kernel-for-root-access","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/05\/11\/new-dirty-frag-exploit-targets-linux-kernel-for-root-access\/","title":{"rendered":"New \u2018Dirty Frag\u2019 exploit targets Linux kernel for root access"},"content":{"rendered":"<p><a href=\"https:\/\/www.csoonline.com\/article\/4169399\/new-dirty-frag-exploit-targets-linux-kernel-for-root-access.html\">New \u2018Dirty Frag\u2019 exploit targets Linux kernel for root access<\/a><\/p>\n<p><a href=\"https:\/\/www.csoonline.com\/article\/4169399\/new-dirty-frag-exploit-targets-linux-kernel-for-root-access.html\">https:\/\/www.csoonline.com\/article\/4169399\/new-dirty-frag-exploit-targets-linux-kernel-for-root-access.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-05-11 08:02:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.csoonline.com\">www.csoonline.com<\/a><\/p>\n<p>\u201cDirty Frag may be leveraged after initial compromise through SSH access, web-shell execution, container escape, or compromise of a low-privileged account,\u201d Microsoft researchers said in a security blog post, adding that affected environments may include Ubuntu, RHEL, CentOS Stream, AlmaLinux, Fedora, openSUSE, and OpenShift deployments.<\/p>\n<p>Microsoft also said the exploit stands out because it avoids many of the instability issues typically associated with Linux local privilege escalation exploits using race-condition dependent bugs.<\/p>\n<h2 class=\"wp-block-heading\">Turning Linux memory fragmentation into root access<\/h2>\n<p>According to Microsoft, the Dirty Frag exploit chain abuses weaknesses in how the Linux kernel handles fragmented memory pages, allowing attackers to overwrite protected page-cache-backed data and escalate privileges to root access.<\/p>\n<p>The attack combines two separate vulnerabilities affecting the Linux IPsec Encapsulating Security Payload (ESP) subsystem (CVE-2026-43284) and the RxRPC networking protocol (CVE-2026-43500). \u201cOnce local access is established, successful exploitation may allow attackers to escalate privileges to root and gain broad control over the affected Linux host,\u201d the researchers said.<\/p>\n<p><a href=\"https:\/\/www.csoonline.com\/article\/4169399\/new-dirty-frag-exploit-targets-linux-kernel-for-root-access.html\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>New \u2018Dirty Frag\u2019 exploit targets Linux kernel for root access https:\/\/www.csoonline.com\/article\/4169399\/new-dirty-frag-exploit-targets-linux-kernel-for-root-access.html Publish Date: 2026-05-11 08:02:00&#8230;<\/p>\n","protected":false},"author":1,"featured_media":243587,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.csoonline.com\/wp-content\/uploads\/2026\/05\/4169399-0-74801500-1778500916-shutterstock_680078968.jpg?quality=50&strip=all&w=1024","fifu_image_alt":"","footnotes":""},"categories":[48],"tags":[143,144,90,31,97,71,98,57,79],"class_list":["post-243586","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux","tag-almalinux","tag-centos","tag-cve","tag-exploit","tag-fedora","tag-linux","tag-opensuse","tag-security","tag-ubuntu"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/243586"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=243586"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/243586\/revisions"}],"predecessor-version":[{"id":243588,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/243586\/revisions\/243588"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/243587"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=243586"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=243586"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=243586"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}