Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Watchlists Beta Browse News Feed Stats About Contact

Linux kernel DirtyClone privilege escalation (CVE-2026-43503)

Vulnerability
First reported
Last updated
Happening score
H score 29
1 unique sources, 1 articles

Summary

Hide ▲

CVE-2026-43503 in the Linux kernel gives a local user a path to root on affected systems, including multi-tenant servers, CI runners, container hosts, and Kubernetes clusters. JFrog Security Research published a working exploit walkthrough on June 25, showing how DirtyClone turns a kernel memory-corruption bug into full privilege escalation. The fix landed in mainline on May 21, so exposed deployments need to update now or apply temporary namespace and module restrictions.

Related Happenings

Linux kernel rxgk local DirtyDecrypt/DirtyCBC privilege-escalation flaw (CVE-2026-31635)

Vulnerability
H score41 First: 18.05.2026 10:18 Last: 18.05.2026 10:18 Sources 1

About this happening: A **proof-of-concept exploit** has been released for **DirtyDecrypt/DirtyCBC** (**CVE-2026-31635**), a **recently patched Linux kernel** flaw in **rxgk_decrypt_skb()** that can en...

Open Happening

Linux kernel XFRM ESP-in-TCP local privilege escalation (CVE-2026-46300)

Vulnerability
H score35 First: 14.05.2026 10:06 Last: 14.05.2026 10:06 Sources 1

About this happening: **Fragnesia** adds a fresh **Linux kernel** local privilege-escalation path, putting **unprivileged local attackers** on a route to **root access** across major distributions. The...

Latest development: 14.05.2026 16:00

Cloud security firm Wiz identified Fragnesia (CVE-2026-46300) in the Dirty Frag family, a Linux local privilege escalation that lets unprivileged local users gain root by corrupting the kernel page cache of read-only files. William Bowling of Zellic and the V12 team were credited with the discovery, and a working proof-of-concept exploit was published on May 13, 2026.

Open Happening

Linux kernel Dirty Frag and Copy Fail 2 privilege escalation (multiple vulnerabilities)

Vulnerability
H score31 First: 11.05.2026 11:15 Last: 11.05.2026 11:15 Sources 1

About this happening: A newly disclosed **Linux kernel** local privilege-escalation flaw, **Dirty Frag and Copy Fail 2**, can let an unprivileged user reach **root** on affected systems. The bug chains...

Open Happening

Linux kernel Dirty Frag local root escalation privilege-escalation flaw

Vulnerability
H score30 First: 08.05.2026 10:45 Last: 08.05.2026 10:45 Sources 1

About this happening: **Dirty Frag** is a newly disclosed **Linux kernel** zero-day that can give **local attackers root privileges** on **most major Linux distributions**. The flaw is anchored in the...

Open Happening

Linux kernel Dirty Frag blocklist mitigation

Advisory/Mitigation
H score41 First: 08.05.2026 08:12 Last: 08.05.2026 08:12 Sources 1

About this happening: **CloudLinx** and Linux distribution advisories now recommend blocklisting **esp4**, **esp6**, and **rxrpc** to reduce exposure to the **Dirty Frag** Linux kernel **LPE** while pa...

Open Happening

Timeline

  1. 26.06.2026 14:51 1 articles · 1h ago

    Broader DirtyFrag patch is submitted for remaining fragment-transfer helpers

    Mitigation Patch Update

    Hyunwoo Kim submits a broader multi-site patch for DirtyFrag that covers several remaining frag-transfer helpers and aims to preserve the shared-frag bit across skb fragment transfer paths.

    Show sources
    Open in new tab
  3. 25.06.2026 03:00 2 articles · 1d ago

    Working DirtyClone exploit walkthrough becomes public

    Initial Disclosure

    A working exploit walkthrough for DirtyClone shows how a local user can corrupt file-backed memory through a cloned network packet, reach root, and exercise the flaw on Debian, Ubuntu, and Fedora systems with default namespace configurations.

    Show sources
    Open in new tab