{"id":244193,"date":"2026-05-12T05:14:00","date_gmt":"2026-05-12T09:14:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/05\/12\/linux-security-concerns-deepen-after-dirty-frag-discovery\/"},"modified":"2026-05-12T05:30:09","modified_gmt":"2026-05-12T09:30:09","slug":"linux-security-concerns-deepen-after-dirty-frag-discovery","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/05\/12\/linux-security-concerns-deepen-after-dirty-frag-discovery\/","title":{"rendered":"Linux security concerns deepen after &#8216;Dirty Frag&#8217; discovery"},"content":{"rendered":"<p><a href=\"https:\/\/www.computing.co.uk\/news\/2026\/security\/linux-security-concerns-deepen-after-dirty-frag-discovery\">Linux security concerns deepen after &#8216;Dirty Frag&#8217; discovery<\/a><\/p>\n<p><a href=\"https:\/\/www.computing.co.uk\/news\/2026\/security\/linux-security-concerns-deepen-after-dirty-frag-discovery\">https:\/\/www.computing.co.uk\/news\/2026\/security\/linux-security-concerns-deepen-after-dirty-frag-discovery<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-05-12 05:14:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.computing.co.uk\">www.computing.co.uk<\/a><\/p>\n<h2 id=\"developers-consider-emergency-killswitch\">Developers consider emergency &#8216;killswitch&#8217;<\/h2>\n<\/p>\n<p><strong>A second serious flaw affecting the Linux kernel has been disclosed within weeks, prompting calls for emergency defensive measures from kernel developers.<\/strong><\/p>\n<p>The newly revealed vulnerability, nicknamed &#8220;Dirty Frag,&#8221; allows attackers with low-level access to an affected system to gain full administrative control, according to security researchers and Linux distribution maintainers.<\/p>\n<p>The flaw was discovered by independent researcher Hyunwoo Kim, who said it affects the same area of the Linux kernel implicated in last month&#8217;s widely publicised &#8220;Copy Fail&#8221; vulnerability.<\/p>\n<p>Like its predecessor, Dirty Frag can be used to escape from cloud containers \u2013 isolated environments commonly used by technology firms to run applications securely on shared servers.<\/p>\n<p>Such attacks are considered especially dangerous because they can allow hackers to move from a single compromised application to the wider host system.<\/p>\n<p>Security experts say the bug affects most major Linux distributions currently in use.<\/p>\n<p>Kim privately reported the issue to Linux maintainers on 30th April under the industry&#8217;s standard coordinated disclosure process, which typically gives developers time to prepare fixes before details are made public.<\/p>\n<p>However, the disclosure process broke down after an unknown third party independently published exploit code on 7th May.<\/p>\n<p>&#8220;Because the embargo has currently been broken, no patch or CVE exists,&#8221; Kim wrote in a public post to the oss-security mailing list, explaining why he had decided to release his own technical analysis and proof-of-concept exploit after consulting maintainers.<\/p>\n<p>The vulnerability is now being tracked as two linked flaws, CVE-2026-43284 and CVE-2026-43500, each affecting different parts of the kernel&#8217;s networking subsystem.<\/p>\n<p>       &#8230;<br \/>\n<br \/><a href=\"https:\/\/www.computing.co.uk\/news\/2026\/security\/linux-security-concerns-deepen-after-dirty-frag-discovery\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Linux security concerns deepen after &#8216;Dirty Frag&#8217; discovery https:\/\/www.computing.co.uk\/news\/2026\/security\/linux-security-concerns-deepen-after-dirty-frag-discovery Publish Date: 2026-05-12 05:14:00 Source Domain:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":244194,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.computing.co.uk\/news\/2026\/security\/media_12d4abfdc50c1c37c279085f82613eeca6d5c9be1.png?width=1200&format=pjpg&optimize=medium","fifu_image_alt":"","footnotes":""},"categories":[48],"tags":[90,31,89,71,57,27],"class_list":["post-244193","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux","tag-cve","tag-exploit","tag-flaw","tag-linux","tag-security","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/244193"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=244193"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/244193\/revisions"}],"predecessor-version":[{"id":244196,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/244193\/revisions\/244196"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/244194"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=244193"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=244193"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=244193"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}