"Dirty Frag" (CVE-2026-43284): The Second Linux Root Exploit in Eight Days
4 hours ago
- #Linux Security
- #Kernel Vulnerability
- #Privilege Escalation
- Dirty Frag is a critical Linux kernel vulnerability that gives an attacker root access via code execution.
- It combines two CVEs: CVE-2026-43284 (patched) and CVE-2026-43500 (patch rollout ongoing).
- The exploit is deterministic and highly reliable, unlike previous race-condition-based attacks.
- All mainstream Linux distributions from around 2017 onward are affected, including RHEL, Debian, and Ubuntu.
- The primary fix is to update the kernel and reboot; interim mitigation involves disabling vulnerable modules.
- This vulnerability follows Copy Fail (CVE-2026-31431); together they form a repeatable class of page-cache write attacks.
- Exploitation risk is immediate for unpatched servers, especially in web hosting environments.
- Public disclosure was premature due to leaks, reducing the time available to deploy patches before exploitation.