The "Dirty Frag" vulnerability is a local privilege escalation flaw comprising two Page-Cache Write issues: CVE-2026-43284 (xfrm-ESP, patched) and an unpatched RxRPC flaw (CVE-2026-43500 reserved), which together can grant root access. CVE-2026-43284 has a CVSS 3.1 score of 7.8 (High). The article does not provide specific affected or fixed version ranges from an authoritative source, nor does it specify a workaround for the unpatched component.
A week after Copy Fail, another Linux local privilege escalation vulnerability dubbed “Dirty Frag” has been revealed, along with a PoC exploit. What is Dirty Frag In effect, Dirty Frag refers to two flaws: A xfrm-ESP Page-Cache Write vulnerability (CVE-2026-43284, aka Copy Fail 2.0), now patched in the Linux kernel, affects the modules supporting one of the protocols used for IPsec A RxRPC Page-Cache Write vulnerability (CVE number reserved: CVE-2026-43500), currently unpatched, affects the modules … More → The post Dirty Frag: Unpatched Linux vulnerability delivers root access appeared first on Help Net Security .