{"id":245442,"date":"2026-05-13T10:13:00","date_gmt":"2026-05-13T14:13:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/05\/13\/new-linux-kernel-vulnerability-enables-root-access\/"},"modified":"2026-05-13T18:15:10","modified_gmt":"2026-05-13T22:15:10","slug":"new-linux-kernel-vulnerability-enables-root-access","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/05\/13\/new-linux-kernel-vulnerability-enables-root-access\/","title":{"rendered":"New Linux Kernel Vulnerability Enables Root Access"},"content":{"rendered":"<p><a href=\"https:\/\/cybersecuritynews.com\/fragnesia-linux-vulnerability\/\">New Linux Kernel Vulnerability Enables Root Access<\/a><\/p>\n<p><a href=\"https:\/\/cybersecuritynews.com\/fragnesia-linux-vulnerability\/\">https:\/\/cybersecuritynews.com\/fragnesia-linux-vulnerability\/<\/a><\/p>\n<p>Publish Date: 2026-05-13 10:13:00<\/p>\n<p>Source Domain: <a href=\"cybersecuritynews.com\">cybersecuritynews.com<\/a><\/p>\n<p>A newly disclosed Linux kernel vulnerability dubbed Fragnesia allows any local unprivileged user to escalate privileges to root without requiring a race condition, making it one of the more reliable local privilege escalation exploits seen in recent years.<\/p>\n<p>Discovered by William Bowling of the V12 security team, Fragnesia joins a growing class of dangerous kernel bugs that silently rewrite the rules of Linux security.<\/p>\n<p>Fragnesia belongs to the Dirty Frag vulnerability class, a cousin of the infamous\u00a0Dirty Pipe\u00a0and\u00a0Copy Fail\u00a0bugs, but targets a separate logic flaw in the Linux XFRM ESP-in-TCP subsystem.<\/p>\n<p>The name itself hints at the mechanism: the kernel \u201cforgets\u201d that a fragment is shared during socket buffer coalescing, corrupting memory it was never supposed to touch.<\/p>\n<h2 class=\"wp-block-heading\" 
id=\"how-fragnesia-works\"><strong>How Fragnesia Works<\/strong><\/h2>\n<p>The exploit weaponizes a subtle logic bug in how the kernel handles ESP-in-TCP ULP (Upper Layer Protocol) mode.<\/p>\n<p>When a TCP socket transitions to espintcp ULP after file data has already been spliced into the receive queue, the kernel mistakenly processes those queued file pages as ESP ciphertext.<\/p>\n<p>This causes a single AES-GCM keystream byte to be XORed directly into a read-only file\u2019s kernel page cache, with no race condition needed.<\/p>\n<p>By carefully selecting an IV nonce to produce any desired keystream byte, an attacker can flip any byte in a cached file to any value, one byte per trigger invocation.<\/p>\n<p>The exploit constructs a 256-entry lookup table mapping all possible keystream bytes to their corresponding nonces, then iterates over a malicious payload, overwriting the first 192 bytes of \/usr\/bin\/su in the page cache with a small ELF stub that calls setresuid(0,0,0) and executes \/bin\/sh.<\/p>\n<p>Crucially, the on-disk binary remains completely untouched; only the in-memory page cache is modified.<\/p>\n<h2 class=\"wp-block-heading\" id=\"affected-versions-and-mitigation\"><strong>Affected Versions and Mitigation<\/strong><\/h2>\n<p>Every Linux kernel version affected by Dirty Frag, effectively any kernel before\u00a0May 13, 2026,\u00a0is&#8230;<\/p>\n<p><a href=\"https:\/\/cybersecuritynews.com\/fragnesia-linux-vulnerability\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>New Linux Kernel Vulnerability Enables Root Access https:\/\/cybersecuritynews.com\/fragnesia-linux-vulnerability\/ Publish Date: 2026-05-13 10:13:00 Source Domain: 
cybersecuritynews.com&#8230;<\/p>\n","protected":false},"author":1,"featured_media":245445,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"http:\/\/cybersecuritynews.com\/wp-content\/uploads\/2026\/05\/Fragnesia-Linux-Vulnerability.webp","fifu_image_alt":"","footnotes":""},"categories":[48],"tags":[31,89,71,57,27],"class_list":["post-245442","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux","tag-exploit","tag-flaw","tag-linux","tag-security","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/245442"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=245442"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/245442\/revisions"}],"predecessor-version":[{"id":245446,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/245442\/revisions\/245446"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/245445"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=245442"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=245442"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=245442"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}