A local privilege escalation (LPE) vulnerability affecting the Linux kernel has been publicly disclosed on May 13, 2026. The vulnerability does not have a CVE ID published, but is referred to as “Fragnesia.”  The vulnerability affects multiple Linux distributions, including all Ubuntu releases. The affected components are the Linux kernel […]

The Ubuntu Blog provides updates, tutorials, and insights on the Ubuntu operating system and related projects. Covering topics such as Linux desktops, server administration, and cloud computing, the blog offers resources for developers and sysadmins working with Ubuntu. Developers can learn how to set up, configure, and optimize Ubuntu systems for development, deployment, and production environments by following the Ubuntu Blog.

Ubuntu

A local privilege escalation (LPE) vulnerability called 'Fragnesia' was publicly disclosed on May 13, 2026, affecting the Linux kernel across all Ubuntu releases (14.04 through 26.04 LTS). It targets ESP (Encapsulating Security Protocol) kernel modules used by IPsec, the same modules affected by the earlier Dirty Frag vulnerability. Canonical rates it CVSS 3.1 score 7.8 (HIGH). Beyond host privilege escalation, it may also enable container escape in container deployments. Step-by-step mitigation instructions are provided: blocking esp4/esp6 kernel modules via modprobe configuration, regenerating initramfs, and unloading the modules. Systems that already applied Dirty Frag mitigations are already protected. The mitigation may impact IPsec/VPN deployments using tools like StrongSwan.

Fragnesia Linux kernel local privilege escalation vulnerability mitigations