
Discovered by Korean security researcher Hyunwoo Kim, Dirty Frag chains two separate kernel vulnerabilities to hand any local user a root shell on virtually every major Linux distribution — and right now, no patch exists for any of them.
Just days after Copy Fail (CVE-2026-31431) sent Linux administrators scrambling to patch a near-universal privilege escalation bug, the Linux community is staring down a successor that's arguably worse.
Dirty Frag was disclosed publicly on May 8, 2026, after a third party broke the coordinated embargo, forcing researcher Kim to release the full exploit before any distribution had issued a patch.
There are currently no CVE identifiers and no fixes for any affected distribution.
What Makes Dirty Frag Different
Like its predecessors, Dirty Pipe and Copy Fail, Dirty Frag targets the Linux kernel's page cache (the in-memory copy of files that the kernel maintains for performance). The attacker gets the kernel itself to overwrite those in-memory file copies, so every process that subsequently reads the file sees the attacker's bytes, without the attacker ever needing write permission on the file on disk.
The flaw chains two independent kernel vulnerabilities:
- xfrm-ESP Page-Cache Write — found in the IPsec/ESP networking stack (esp_input()), present since kernel commit cac2661c53f3 in January 2017. When a non-linear socket buffer (skb) carrying a splice-pinned page cache reference bypasses the mandatory skb_cow_data() copy-on-write check, the ESP decryption path performs an in-place 4-byte store directly into the page cache. The attacker controls both the exact file offset and the value written, turning it into a precise arbitrary-write primitive.
- RxRPC Page-Cache Write — found in the RxRPC/rxkad subsystem (rxkad_verify_packet_1()), present since June 2023. Without requiring any namespace privileges, it performs an 8-byte in-place pcbc(fcrypt) decrypt directly onto the same type of splice-pinned page. The exploit brute-forces a suitable decryption key entirely in user space before triggering the kernel write, making the entire operation deterministic.
Unlike race-condition vulnerabilities that can crash a machine mid-exploit, Dirty Frag is a pure logic bug. It does not require timing luck, does not crash the kernel on failure, and succeeds on the first attempt.
Why Chaining Two Bugs Makes It Universal
Neither vulnerability alone covers every major distribution. The ESP path requires the ability to create unprivileged user namespaces, which Ubuntu restricts by default through AppArmor (the kernel.apparmor_restrict_unprivileged_userns sysctl). The RxRPC path doesn't need namespaces, but the rxrpc.ko kernel module isn't shipped by default on most distributions — except Ubuntu, where it loads automatically.
[Figure: Dirty Frag PoC]
Critically, Dirty Frag works even on systems where the Copy Fail mitigation (blacklisting the algif_aead module) has already been applied. The two vulnerabilities hit entirely different kernel subsystems.
Affected Versions
The xfrm component has been vulnerable since January 2017; the RxRPC component since June 2023. Confirmed affected distributions include Ubuntu 24.04.4, RHEL 10.1, CentOS Stream 10, AlmaLinux 10, Fedora 44, and openSUSE Tumbleweed — covering kernels up to 7.0.x.
How to Protect Your System Now
Because the embargo broke before patches were ready, the only available mitigation is to block or remove the vulnerable kernel modules. As root:
sh -c "printf 'install esp4 /bin/false\ninstall esp6 /bin/false\ninstall rxrpc /bin/false\n' > /etc/modprobe.d/dirtyfrag.conf; rmmod esp4 esp6 rxrpc 2>/dev/null; true"
This disables IPsec ESP (including the esp4_offload and esp6_offload drivers, which depend on esp4 and esp6) and RxRPC. Two caveats apply. The install directives only stop future loads: if rmmod fails because a module is still in use (an active IPsec security association, or an open AF_RXRPC socket), the module stays loaded and the host stays exploitable until it is unloaded or rebooted, so confirm with lsmod that none of the three modules remains. And modprobe.d cannot block code compiled into the kernel; if esp4 or esp6 is listed in /lib/modules/$(uname -r)/modules.builtin, only a patched kernel will help. For most desktop and general-purpose server workloads, losing these modules has no practical impact. Organizations relying on IPsec VPN tunnels using ESP mode should evaluate the tradeoff carefully.
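The following script is an added example, not part of the original advisory or the researcher's published material. It applies the same module block as the one-liner above and then verifies the two conditions under which the block is not enough: a module that is still loaded after rmmod, and a module compiled into the kernel. The function names and the --apply flag are this example's own; the checks take their input paths as parameters so they can be run against a copied /proc/modules or modules.builtin without touching the live system.

```sh
#!/bin/sh
# Added example for the Dirty Frag module-block mitigation.
# Assumptions (not from the advisory): a Linux host with rmmod in PATH,
# and root privileges when run with --apply. Function names are made up
# for this example.

DIRTYFRAG_MODULES="esp4 esp6 rxrpc"

# Write the modprobe.d drop-in that makes every future load of the three
# modules run /bin/false instead. $1 is the target file.
write_dirtyfrag_conf() {
    conf="$1"
    for m in $DIRTYFRAG_MODULES; do
        printf 'install %s /bin/false\n' "$m"
    done > "$conf"
}

# Print the affected modules that appear in a /proc/modules-format
# listing ($1). Field 1 of each line is the module name. Empty output
# means none of them is loaded.
loaded_dirtyfrag_modules() {
    modlist="$1"
    for m in $DIRTYFRAG_MODULES; do
        awk -v name="$m" '$1 == name { print $1 }' "$modlist"
    done
}

# Print the affected modules compiled into the kernel, reading a
# modules.builtin file ($1) whose entries look like kernel/net/ipv4/esp4.ko.
# A built-in module cannot be blocked by modprobe.d, so this is the case
# where only a kernel update helps.
builtin_dirtyfrag_modules() {
    builtin="$1"
    [ -r "$builtin" ] || return 0
    for m in $DIRTYFRAG_MODULES; do
        grep -E "/${m}\.ko$" "$builtin" | sed "s|.*/||; s|\.ko$||"
    done
}

# Apply the mitigation on the live system and report what is still loaded
# or built in. Returns 0 when the block is effective, 1 when a module is
# still loaded (typically an IPsec SA or RxRPC socket still references it)
# or is built into the running kernel.
apply_dirtyfrag_mitigation() {
    write_dirtyfrag_conf /etc/modprobe.d/dirtyfrag.conf
    for m in $DIRTYFRAG_MODULES; do
        rmmod "$m" 2>/dev/null || true
    done
    status=0
    remaining=$(loaded_dirtyfrag_modules /proc/modules)
    if [ -n "$remaining" ]; then
        echo "still loaded (tear down users or reboot): $remaining" >&2
        status=1
    fi
    compiled_in=$(builtin_dirtyfrag_modules "/lib/modules/$(uname -r)/modules.builtin")
    if [ -n "$compiled_in" ]; then
        echo "built into the kernel, cannot be blocked: $compiled_in" >&2
        status=1
    fi
    return $status
}

if [ "${1:-}" = "--apply" ]; then
    apply_dirtyfrag_mitigation
fi
```

Run it as root with --apply; a non-zero exit means the host is not yet protected and says why. The loaded-module check is deliberately separate from the apply step so it can be re-run after tearing down IPsec tunnels or RxRPC users, and so it can be pointed at a saved copy of /proc/modules when reviewing a fleet.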
Watch your distribution's security advisory channels for backported kernel patches as they become available.
Kim submitted the rxrpc patch to the netdev mailing list on April 29, 2026. The linux-distros embargo was set for May 12. An unrelated third party published the ESP exploit publicly on May 7, breaking the embargo and triggering immediate full disclosure.