Linux Kernel Dirty Frag Vulnerability Allows Root Privilege Escalation Across All Distributions
Tags: Infrastructure · OSS

Security researcher Hyunwoo Kim publicly disclosed Dirty Frag, two local privilege escalation vulnerabilities (CVE-2026-43284 and CVE-2026-43500) affecting the Linux kernel. The flaws allow an unprivileged local user to gain root privileges on nearly any Linux distribution. CVE-2026-43284 impacts the IPsec ESP/XFRM path, while CVE-2026-43500 affects RxRPC. Canonical assesses the CVSS score at 7.8 (High). No kernel patches are available yet; the disclosure embargo was broken. Canonical has published mitigation guidance involving blacklisting the esp4, esp6, and rxrpc kernel modules, though this breaks IPsec VPN and RxRPC functionality. Red Hat, SUSE, and Debian are also affected. This follows the Copy Fail vulnerability disclosed a week earlier.
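
To verify the module mitigation on a host, the following shell functions report, for each of esp4, esp6 and rxrpc, whether the module is currently loaded and whether modprobe configuration blocks it. This is an added example, not Canonical's published guidance; the function names and output format are assumptions, and the default paths are the standard `/proc/modules` and `/etc/modprobe.d`.

```shell
#!/bin/sh
# Added example: audit the module-blacklist mitigation for Dirty Frag.
# Paths are parameters so the check can run against constructed fixtures.
DIRTYFRAG_MODULES="esp4 esp6 rxrpc"

# module_loaded <module> <proc-modules-file>: succeeds if the module is loaded.
module_loaded() {
    awk -v m="$1" '$1 == m { found = 1 } END { exit !found }' "$2"
}

# module_blocked <module> <modprobe.d-dir>: prints install, blacklist or none.
#   install   = "install <mod> /bin/false" override; explicit modprobe fails too
#   blacklist = "blacklist <mod>"; only alias-based autoloading is suppressed
module_blocked() {
    m=$1; d=$2; result=none
    for f in "$d"/*.conf; do
        [ -f "$f" ] || continue
        if grep -Eq "^[[:space:]]*install[[:space:]]+$m[[:space:]]+/(usr/)?bin/(false|true)" "$f"; then
            result=install; break
        fi
        if grep -Eq "^[[:space:]]*blacklist[[:space:]]+$m([[:space:]]|\$)" "$f"; then
            result=blacklist
        fi
    done
    echo "$result"
}

# audit_dirtyfrag [proc-modules-file] [modprobe.d-dir]
# Prints "<mod> loaded=<yes|no> blocked=<install|blacklist|none>" per module.
# Returns 1 if any module is loaded or has no blocking entry, else 0.
audit_dirtyfrag() {
    proc=${1:-/proc/modules}; dir=${2:-/etc/modprobe.d}; rc=0
    for mod in $DIRTYFRAG_MODULES; do
        if module_loaded "$mod" "$proc"; then
            loaded=yes; rc=1   # still loaded: unload it or reboot
        else
            loaded=no
        fi
        blocked=$(module_blocked "$mod" "$dir")
        if [ "$blocked" = none ]; then rc=1; fi
        echo "$mod loaded=$loaded blocked=$blocked"
    done
    return $rc
}
```

Run `audit_dirtyfrag` with no arguments on a live host. A component compiled into the kernel image rather than built as a loadable module does not appear in `/proc/modules` and is not affected by modprobe configuration, so this check does not cover that case.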