A local privilege escalation vulnerability in the Linux kernel, dubbed Dirty Frag (CVE-2026-43284, CVE-2026-43500), has been disclosed. It is a variant of the Dirty Pipe/Copy Fail class of vulnerabilities. Attackers with local low-privilege code execution can exploit xfrm-ESP and RxRPC processing paths to inject page cache pages into sk_buff frags, causing in-place encryption/decryption operations to write to read-only file page cache, ultimately enabling root access. Exploit code is already circulating. Deepin 25 users on 6.6 and 6.18 kernels should apply the released security update immediately.
1 Comment
Sort: