PROBABLYPWNED
Vulnerabilities | May 8, 2026 | 5 min read

Dirty Frag: Zero-Day Linux Exploit Gives Root With No Patches

A new Linux kernel flaw dubbed Dirty Frag (CVE-2026-43284) enables instant root on all major distros. No patches exist after embargo collapsed.

Marcus Chen

One week after Copy Fail rattled the Linux ecosystem, a second kernel privilege escalation bug has emerged—and this time, there are no patches. Security researcher Hyunwoo Kim publicly disclosed "Dirty Frag" on May 7, 2026, after the embargo collapsed when someone reverse-engineered the exploit from visible kernel commits.

TL;DR

  • What happened: Two kernel flaws chain together for instant root access on major Linux distributions
  • Who's affected: Ubuntu 24.04, RHEL 10.1, Fedora 44, AlmaLinux, openSUSE Tumbleweed, CentOS Stream 10
  • Severity: CVE-2026-43284 rated CVSS 7.8 (High)
  • Action required: Blacklist esp4, esp6, and rxrpc kernel modules immediately—breaking IPsec VPNs and AFS

The Disclosure Fiasco

The Dirty Frag disclosure didn't go as planned. According to Kim's post on the oss-security mailing list, an unidentified third party independently discovered and began sharing exploit details after spotting the kernel commits staged for the embargo period. With the cat out of the bag, distribution maintainers agreed to proceed with public disclosure.

"Because the responsible disclosure schedule and embargo have been broken, no patches exist for any distribution," Kim wrote in the advisory.

This left administrators in an unusual position: a critical vulnerability with a working public exploit, but no official patches to deploy. The situation mirrors the Copy Fail flaw we covered just eight days earlier, although that bug at least had patches ready at disclosure.

How Dirty Frag Works

Dirty Frag chains two separate kernel vulnerabilities to achieve root access:

CVE-2026-43284 affects the xfrm-ESP subsystem (IPsec Encapsulating Security Payload). This bug has existed since January 2017 in the in-place decryption fast path, where the receive path decrypts directly over externally-backed pages.

CVE-2026-43500 targets the RxRPC subsystem used for AFS distributed file system operations. This flaw was introduced more recently, around 2023, in the rxkad authentication mechanism.

Both vulnerabilities enable page-cache manipulation through the kernel's cryptographic operations. According to Wiz Research, the exploit chains splice-based page-cache corruption to modify protected system files in memory.

The technical attack paths work as follows:

  1. ESP/AF_ALG path: Overwrites the initial bytes of /usr/bin/su with minimal x86_64 ELF shellcode that executes setuid(0), setgid(0), and spawns /bin/sh
  2. RxRPC/RXKAD path: Modifies the /etc/passwd root entry to have an empty password field, exploiting PAM's nullok option for passwordless authentication

The ESP path performs 48 splice operations across 4-byte chunks. Unlike Dirty Pipe and Copy Fail, the exploit is deterministic—no race conditions required.

What Systems Are Vulnerable

Tenable's FAQ confirms the following distributions are affected:

  Distribution          | Kernel Version            | Status
  ----------------------|---------------------------|--------------------
  Ubuntu 24.04.4        | 6.17.0-23-generic         | Vulnerable
  RHEL 10.1             | 6.12.0-124.49.1.el10_1    | Advisory published
  openSUSE Tumbleweed   | 7.0.2-1-default           | Vulnerable
  CentOS Stream 10      | Various                   | Vulnerable
  AlmaLinux 10          | Various                   | Advisory published
  Fedora 44             | Various                   | Vulnerable

The xfrm-ESP component has been vulnerable since 2017, meaning kernels shipped over the past nine years carry the bug. The RxRPC flaw is newer, dating to 2023.

Exploitation Requirements

There's one silver lining. According to Wiz, exploitation typically requires CAP_NET_ADMIN privileges, making it "less likely in hardened containerized environments" where capabilities are restricted.

However, in virtual machines, bare-metal servers, and less restricted settings, the vulnerability remains critical. Organizations running Kubernetes nodes with mixed workloads should assess whether their containers grant NET_ADMIN capabilities—a practice that's unfortunately common in networking-focused pods.

This pattern echoes other recent Linux privilege escalation bugs. We covered a PackageKit flaw that similarly threatened container boundaries through local privilege escalation.

Immediate Mitigations

With no patches available, the only defense is removing the vulnerable kernel modules entirely. Kim recommends running:

sh -c "printf 'install esp4 /bin/false\ninstall esp6 /bin/false\ninstall rxrpc /bin/false\n' > /etc/modprobe.d/dirtyfrag.conf; rmmod esp4 esp6 rxrpc 2>/dev/null; true"

This prevents the modules from loading and unloads them if already present. The significant downside: this breaks IPsec VPNs and AFS distributed network file systems.

For organizations relying on IPsec for site-to-site connectivity or AFS for network storage, this mitigation may not be feasible without disrupting critical operations.

Additional defensive measures include:

  • Enforce strict SELinux or AppArmor policies (though note we recently covered critical AppArmor flaws that also enable privilege escalation)
  • Restrict shell access and apply least-privilege principles
  • Avoid granting CAP_NET_ADMIN to containers unless absolutely necessary
  • Monitor for privilege escalation attempts and suspicious compilation activity

Patches Coming—Eventually

AlmaLinux published an advisory confirming patched kernels are now rolling out to production repositories. Red Hat has also issued guidance through RHSB-2026-003.

As of publication, not all distributions have released fixes. Check your specific distribution's security advisories for updated kernels.

The Bigger Picture

Two universal Linux root exploits in two weeks isn't a coincidence—it reflects the complexity of the kernel's crypto and networking subsystems. Both Copy Fail and Dirty Frag exploit page-cache manipulation through different kernel interfaces, suggesting this attack surface deserves additional scrutiny.

The embargo breach that forced premature disclosure also raises questions about coordinated vulnerability disclosure in 2026. When kernel commits are visible before patches ship, determined reverse engineers can race the disclosure timeline.

For defenders, the takeaway remains unchanged: assume local attackers can become root. Architect security around this assumption—with network segmentation, workload isolation, and detection capabilities that don't rely on kernel integrity.

Monitor our hacking news coverage for updates on active exploitation campaigns and patch availability across distributions.
