{"id":246018,"date":"2026-05-14T14:20:00","date_gmt":"2026-05-14T18:20:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/05\/14\/another-major-linux-security-issue-uncovered-new-fragnesia-flaw-allows-attackers-to-run-malicious-code-as-root\/"},"modified":"2026-05-14T14:35:06","modified_gmt":"2026-05-14T18:35:06","slug":"another-major-linux-security-issue-uncovered-new-fragnesia-flaw-allows-attackers-to-run-malicious-code-as-root","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/05\/14\/another-major-linux-security-issue-uncovered-new-fragnesia-flaw-allows-attackers-to-run-malicious-code-as-root\/","title":{"rendered":"Another major Linux security issue uncovered &#8211; new Fragnesia flaw allows attackers to run malicious code as root"},"content":{"rendered":"<p><a href=\"https:\/\/www.techradar.com\/pro\/security\/another-major-linux-security-issue-uncovered-new-fragnesia-flaw-allows-attackers-to-run-malicious-code-as-root\">Another major Linux security issue uncovered &#8211; new Fragnesia flaw allows attackers to run malicious code as root<\/a><\/p>\n<p><a href=\"https:\/\/www.techradar.com\/pro\/security\/another-major-linux-security-issue-uncovered-new-fragnesia-flaw-allows-attackers-to-run-malicious-code-as-root\">https:\/\/www.techradar.com\/pro\/security\/another-major-linux-security-issue-uncovered-new-fragnesia-flaw-allows-attackers-to-run-malicious-code-as-root<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-05-14 14:20:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.techradar.com\">www.techradar.com<\/a><\/p>\n<ul id=\"elk-37371436-2def-4ae7-9aa8-8a83bddecc16\">\n<li><strong>New Linux kernel flaw CVE\u20112026\u201146300 \u201cFragnesia\u201d allows local attackers to gain root <\/strong><\/li>\n<li><strong>Discovered by William Bowling of Zellic; <\/strong><\/li>\n<li><strong>PoC shows corruption of \/usr\/bin\/su page cache to get root shell<\/strong><\/li>\n<\/ul>\n<p id=\"elk-89c0b648-03f6-49c6-8191-1d03c5b8b6df\">Security researchers have discovered a new vulnerability in the Linux kernel which could allow malicious actors to run code with elevated privileges, exposing systems to risk of data theft, malware deployment, and even full device takeover.<\/p>\n<p>The vulnerability is tracked as CVE-2026-46300, and was given a severity score of 7.8\/10 (high). It\u2019s nicknamed Fragnesia and is apparently in the same vulnerability class as Dirty Frag, another kernel bug that was disclosed recently.<\/p>\n<p id=\"elk-89c0b648-03f6-49c6-8191-1d03c5b8b6df-2\">While Dirty Frag chains multiple flaws, Fragnesia comes in the form of a logic bug in the Linux XFRM EST-in-TCP subsystem. By writing arbitrary bytes to the kernel page cache of read-only files, unprivileged local attackers can gain root privileges, thus compromising the entire system.<\/p>\n<p><span class=\"inline-flex items-center gap-1.5 text-sm font-article-heading capitalize leading-5 text-white whitespace-nowrap\"><span class=\"jwp-carousel-title-mobile\"\/><span class=\"jwp-carousel-title-desktop\">Latest Videos From<\/span><span class=\"jwp-carousel-brand inline-flex items-center\" aria-hidden=\"true\"><\/span><\/span><img decoding=\"async\" src=\"https:\/\/www.techradar.com\/media\/img\/techradar_logo_v2.svg\" alt=\"\" class=\"max-h-12 w-auto\" aria-hidden=\"true\"\/><br \/>\n        <span class=\"\n            flex\n            after:content-[''] after:flex-1 after:ml-4 after:my-[0.7rem] after:border-t after:border-solid after:border-t-[#ccc]\n            before:content-[''] before:flex-1 before:mr-4 before:my-[0.7rem] before:border-t before:border-solid before:border-t-[#ccc]\n            font-article-heading pb-0 text-[length:var(--article-river-title--font-size,1em)] uppercase sm:text-[length:var(--article-river-title--font-size,0.875em)] font-bold\n        \"><br \/>\n            You may like<br \/>\n        <\/span><\/p>\n<h2 id=\"patches-and-killswitches-3\">Patches and killswitches<\/h2>\n<p id=\"elk-5c28a411-fdb4-4a55-ac70-48e3056654bf\">The bug was discovered by William Bowling of Zellic, who also shared a proof-of-concept (PoC) that \u201cachieves a memory-write primitive in the kernel that is used to corrupt the page cache memory of the \/usr\/bin\/su binary to get a shell with root privileges.\u201d<\/p>\n<p>&#8220;Fragnesia is a member of the Dirty Frag vulnerability class. This is a separate bug in the ESP\/XFRM from dirtyfrag which has received its own patch. However, it is in the same surface and the mitigation is the same as for dirtyfrag,&#8221; Bowling said. &#8220;It abuses a logic bug in the Linux XFRM ESP-in-TCP subsystem to achieve arbitrary byte writes into the kernel page cache of read-only files, without requiring any race condition.&#8221;<\/p>\n<p>To mitigate the risk, Linux users should apply kernel updates for their distros without delay.<\/p>\n<p>Linux kernel vulnerabilities are a hot topic these days. Prompted by both Dirty Frag and Copy Fail, two recently disclosed flaws, co-maintainer Sasha&#8230;<\/p>\n<p><a href=\"https:\/\/www.techradar.com\/pro\/security\/another-major-linux-security-issue-uncovered-new-fragnesia-flaw-allows-attackers-to-run-malicious-code-as-root\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Another major Linux security issue uncovered &#8211; new Fragnesia flaw allows attackers to run malicious&#8230;<\/p>\n","protected":false},"author":1,"featured_media":246019,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/cdn.mos.cms.futurecdn.net\/MRcAF4wnJU8Qb7Bv7Lb9yd-1920-80.jpg","fifu_image_alt":"","footnotes":""},"categories":[48],"tags":[90,89,71,32,57,27],"class_list":["post-246018","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux","tag-cve","tag-flaw","tag-linux","tag-malware","tag-security","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/246018"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=246018"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/246018\/revisions"}],"predecessor-version":[{"id":246020,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/246018\/revisions\/246020"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/246019"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=246018"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=246018"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=246018"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}