{"id":246156,"date":"2026-05-14T14:00:00","date_gmt":"2026-05-14T18:00:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/05\/14\/linux-kernel-bug-fragnesia-allows-local-root-access-attacks\/"},"modified":"2026-05-14T18:10:11","modified_gmt":"2026-05-14T22:10:11","slug":"linux-kernel-bug-fragnesia-allows-local-root-access-attacks","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/05\/14\/linux-kernel-bug-fragnesia-allows-local-root-access-attacks\/","title":{"rendered":"Linux Kernel bug Fragnesia allows local root access attacks"},"content":{"rendered":"<p><a href=\"https:\/\/securityaffairs.com\/192145\/uncategorized\/linux-kernel-bug-fragnesia-allows-local-root-access-attacks.html\">Linux Kernel bug Fragnesia allows local root access attacks<\/a><\/p>\n<p><a href=\"https:\/\/securityaffairs.com\/192145\/uncategorized\/linux-kernel-bug-fragnesia-allows-local-root-access-attacks.html\">https:\/\/securityaffairs.com\/192145\/uncategorized\/linux-kernel-bug-fragnesia-allows-local-root-access-attacks.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-05-14 14:00:00<\/a><\/p>\n<p>Source Domain: <a href=\"securityaffairs.com\">securityaffairs.com<\/a><\/p>\n<p><h2>Linux Kernel bug Fragnesia allows local root access attacks<\/h2>\n<\/p>\n<p>\t\t\t\t\t\t\t<span> Pierluigi Paganini<\/span><br \/>\n\t\t\t\t\t\t\t<span><img decoding=\"async\" src=\"https:\/\/securityaffairs.com\/wp-content\/themes\/security_affairs\/images\/clock-icon.svg\" alt=\"\"\/> May 14, 2026<\/span><\/p>\n<p>\t\t\t\t\t\t<img decoding=\"async\" class=\"img-fluid mb-4\" src=\"https:\/\/i0.wp.com\/securityaffairs.com\/wp-content\/uploads\/2026\/05\/Linux-Fragnesia.png?fit=1254%2C1254&#038;ssl=1\" alt=\"\"\/><\/p>\n<h2 class=\"wp-block-heading\">Fragnesia, a new Linux kernel flaw tracked as CVE-2026-46300, could let local attackers gain root access through page cache corruption.<\/h2>\n<p>Researchers disclosed a new Linux kernel privilege escalation vulnerability named Fragnesia, tracked as CVE-2026-46300 (CVSS score of 7.8). The flaw affects the XFRM ESP-in-TCP subsystem and could allow local attackers to gain full root access by corrupting the kernel page cache. <\/p>\n<p>Security experts warn that the issue is dangerous because attackers with low privileges can modify read-only files in memory and take complete control of vulnerable systems. The vulnerability was discovered by William Bowling of the V12 security team, while Wiz published a detailed technical analysis.<\/p>\n<p>\u201cThe vulnerability allows unprivileged local attackers to modify read-only file contents in the kernel page cache.\u201d reads the report published by Wiz. \u201cAttackers can then achieve root privileges through deterministic page-cache corruption.\u201d<\/p>\n<p>Fragnesia shares similarities with earlier Linux privilege escalation flaws, such as Dirty Frag and Copy Fail. According to researchers, the bug can reliably provide root access on major Linux distributions without requiring race conditions or complicated timing attacks.<\/p>\n<p>\u201cThis is a separate bug from Dirty Frag, but it affects the same attack surface.\u201d contibyes the report. \u201cThe mitigation strategy is also largely the same.\u201d<\/p>\n<p>Researchers explained that the vulnerability abuses a logic flaw inside the ESP\/XFRM networking subsystem, allowing arbitrary writes into the page cache memory of protected files such as \/usr\/bin\/su.<\/p>\n<p>\u201cFragnesia exploits a logic flaw in the Linux XFRM ESP-in-TCP implementation, specifically involving improper handling of shared page fragments during skb coalescing.\u201d states the report. \u201cThe exploit&#8230;<\/p>\n<p><a href=\"https:\/\/securityaffairs.com\/192145\/uncategorized\/linux-kernel-bug-fragnesia-allows-local-root-access-attacks.html\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Linux Kernel bug Fragnesia allows local root access attacks https:\/\/securityaffairs.com\/192145\/uncategorized\/linux-kernel-bug-fragnesia-allows-local-root-access-attacks.html Publish Date: 2026-05-14 14:00:00 Source&#8230;<\/p>\n","protected":false},"author":1,"featured_media":246157,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/securityaffairs.com\/wp-content\/uploads\/2026\/05\/Linux-Fragnesia.png","fifu_image_alt":"","footnotes":""},"categories":[48],"tags":[90,31,89,71,57,27],"class_list":["post-246156","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux","tag-cve","tag-exploit","tag-flaw","tag-linux","tag-security","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/246156"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=246156"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/246156\/revisions"}],"predecessor-version":[{"id":246160,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/246156\/revisions\/246160"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/246157"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=246156"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=246156"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=246156"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}