
Dirty Frag: New Linux Kernel Vulnerability Chains Two Flaws to Grant Root Privileges — Public PoC Released

dark6 8 May 2026

A serious new Linux kernel local privilege escalation (LPE) vulnerability, dubbed Dirty Frag, has been publicly disclosed with a working proof-of-concept (PoC) exploit already available. The flaw chains two separate page-cache write vulnerabilities — the xfrm-ESP Page-Cache Write and the RxRPC Page-Cache Write — to achieve root access on virtually all major Linux distributions, making it one of the most significant Linux kernel security issues in recent years.

What Is Dirty Frag?

Dirty Frag belongs to the same vulnerability class as the notorious Dirty Pipe (CVE-2022-0847) and Copy Fail (CVE-2026-31431), but targets the frag member of the kernel’s struct sk_buff data structure rather than struct pipe_buffer. The vulnerability was discovered and reported by security researcher Hyunwoo Kim (@v4bel), but a premature embargo break on May 7, 2026, forced the full technical details — and the PoC exploit — into the public domain ahead of coordinated distribution patches.

The root cause lies in the zero-copy send path, where splice() plants a reference to a read-only page cache page — such as /etc/passwd or /usr/bin/su — into the frag slot of a sender-side socket buffer (skb). The receiver-side kernel code then performs in-place cryptographic operations directly on that frag, modifying the cached copy of the file in RAM without marking it dirty, so the on-disk file is untouched while every subsequent read of the affected file returns the corrupted version, even though the unprivileged attacker only ever had read access to it.

The Two Exploit Paths

Unlike race-condition exploits that require precise timing, Dirty Frag is a deterministic logic bug. It requires no timing window, does not panic the kernel on failure, and carries an extremely high success rate.

xfrm-ESP Page-Cache Write: This variant resides in esp_input(), the IPsec ESP receive path. When an skb is non-linear but lacks a frag list, the code skips the mandatory skb_cow_data() buffer allocation step, jumping directly to in-place cryptographic decryption on the frag page. Using the XFRMA_REPLAY_ESN_VAL netlink attribute, the attacker can control both the file offset and value of each write operation, enabling arbitrary byte overwrites of read-only files. This variant requires user namespace creation capability (unshare(CLONE_NEWUSER)).

RxRPC Page-Cache Write: This variant resides in rxkad_verify_packet_1(), which performs in-place single-block pcbc(fcrypt) decryption on the first 8 bytes of the RxRPC payload. Since skb_to_sgvec() converts the splice-pinned page cache page directly into the scatter-gather list, the attacker-controlled page becomes both source and destination. The attacker brute-forces a session key in user space until the desired plaintext is produced — for instance, clearing the password field in /etc/passwd to enable PAM nullok authentication bypass — requiring absolutely no special privileges.

Affected Distributions and Kernel Versions

Chaining the two exploit paths achieves root access on essentially every major Linux distribution. The ESP vulnerability has been present since kernel commit cac2661c53f3 (January 2017), and the RxRPC flaw since commit 2dc334f1a63a (June 2023).

  • The ESP path works on distributions where user namespaces are permitted by default (the majority of modern distros)
  • The RxRPC path requires no special privileges and bypasses user namespace restrictions
  • Affected distributions include Ubuntu, Debian, Fedora, RHEL, Arch Linux, and their derivatives
  • No CVE identifiers have been assigned as of publication due to the premature embargo break

Patches and Immediate Mitigation

The ESP variant patch — using the SKBFL_SHARED_FRAG flag to ensure splice-pinned pages always route through skb_cow_data() — was merged into the netdev tree on May 7, 2026. The RxRPC patch, adding || skb->data_len to the existing skb_cloned() gate, is pending merge. Distribution-level backported patches are not yet available.

Until vendor patches are released, administrators should immediately blacklist the affected kernel modules with the following command:

printf 'install esp4 /bin/false\ninstall esp6 /bin/false\ninstall rxrpc /bin/false\n' > /etc/modprobe.d/dirtyfrag.conf; rmmod esp4 esp6 rxrpc 2>/dev/null; true

Systems relying on IPsec VPN tunnels should weigh operational impact carefully before applying this workaround. Monitor the researcher’s GitHub and your Linux distribution’s security advisory channel for backported patches.
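The following script is an added example, not the article's one-liner or anything from the researcher's repository. It packages the interim workaround above as an idempotent helper and adds two defender-side checks the article's text implies: which of the three affected modules are still loaded (rmmod fails silently when an IPsec SA still holds esp4/esp6), and whether the page-cache view of a read-only file still matches what is on disk, which it does by hashing a normal read against an O_DIRECT read (GNU dd iflag=direct, assumed available; tmpfs and some overlay setups do not support O_DIRECT and are reported as "cannot compare"). MODPROBE_DIR and MODULES_FILE are assumed override knobs for dry runs; their defaults are the real paths.

```shell
#!/bin/sh
# Dirty Frag interim mitigation helper (added example, not the article's own command).
# Usage:  sh dirtyfrag.sh apply   -> write modprobe override, unload modules, re-check (root)
#         sh dirtyfrag.sh check   -> report loaded affected modules and page-cache vs disk state
# MODPROBE_DIR / MODULES_FILE are assumptions for dry runs; defaults are the real paths.

MODPROBE_DIR="${MODPROBE_DIR:-/etc/modprobe.d}"
MODULES_FILE="${MODULES_FILE:-/proc/modules}"
DIRTYFRAG_MODULES="esp4 esp6 rxrpc"

# Emit one "install <module> /bin/false" line per affected module.
dirtyfrag_conf() {
    for m in $DIRTYFRAG_MODULES; do
        printf 'install %s /bin/false\n' "$m"
    done
}

# Write the override file; the content is the same every run, so this is idempotent.
dirtyfrag_write_conf() {
    dirtyfrag_conf > "$MODPROBE_DIR/dirtyfrag.conf"
}

# Print the affected modules that appear in a /proc/modules-format listing.
dirtyfrag_loaded() {
    loaded=""
    for m in $DIRTYFRAG_MODULES; do
        if awk -v mod="$m" '$1 == mod { found = 1 } END { exit !found }' "$MODULES_FILE"; then
            loaded="$loaded $m"
        fi
    done
    printf '%s\n' "${loaded# }"
}

# Apply the workaround: write the config, try to unload, then re-check what is still loaded.
dirtyfrag_apply() {
    dirtyfrag_write_conf
    for m in $(dirtyfrag_loaded); do
        rmmod "$m" 2>/dev/null || true   # fails while the module is in use (e.g. an active IPsec SA)
    done
    remaining=$(dirtyfrag_loaded)
    if [ -n "$remaining" ]; then
        echo "dirtyfrag: still loaded and could not be unloaded: $remaining" >&2
        return 1
    fi
    echo "dirtyfrag: override written to $MODPROBE_DIR/dirtyfrag.conf, no affected module loaded"
}

# Compare the page-cache view of a file with its on-disk contents.
# Returns 0 if they match, 1 if they differ (cache tampering suspected), 2 if O_DIRECT is unsupported.
dirtyfrag_cache_matches_disk() {
    f="$1"
    tmp=$(mktemp) || return 2
    if ! dd if="$f" of="$tmp" iflag=direct bs=4096 2>/dev/null; then
        rm -f "$tmp"
        return 2
    fi
    cached=$(sha256sum "$f" | cut -d' ' -f1)
    ondisk=$(sha256sum "$tmp" | cut -d' ' -f1)
    rm -f "$tmp"
    [ "$cached" = "$ondisk" ]
}

case "${1:-}" in
    apply) dirtyfrag_apply ;;
    check)
        printf 'loaded affected modules: %s\n' "$(dirtyfrag_loaded)"
        for f in /etc/passwd /usr/bin/su; do   # the files the article names as overwrite targets
            dirtyfrag_cache_matches_disk "$f"
            case $? in
                0) echo "$f: page cache matches disk" ;;
                1) echo "$f: PAGE CACHE DIFFERS FROM DISK, investigate" ;;
                *) echo "$f: direct I/O unavailable, cannot compare" ;;
            esac
        done ;;
    "") ;;   # sourced or run without a subcommand: only define the functions
    *) echo "usage: $0 apply|check" >&2; exit 2 ;;
esac
```

A differing hash for /etc/passwd or /usr/bin/su on a system where O_DIRECT works is a strong signal that the cached copy has been modified without a write-back, which is exactly the effect the article describes; dropping caches (or rebooting) restores the on-disk content, but the event itself should be treated as a compromise indicator rather than merely reverted.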

Why This Matters

The deterministic nature of Dirty Frag makes it significantly more dangerous than traditional race-condition privilege escalation vulnerabilities. Any attacker with limited user-level access to a Linux system — through a web shell, container escape, or any initial foothold — can reliably escalate to full root. With a public PoC already circulating, organizations should treat this as a critical priority and apply mitigations to all internet-facing and sensitive Linux systems immediately.
