https://ai-blog.noorshomelab.dev/tags/cve/Recent content in Cve on AI VOIDHugoenTue, 19 May 2026 00:00:00 +0000https://ai-blog.noorshomelab.dev/news/dirty-frag-linux-lpe-vulnerability/Tue, 19 May 2026 00:00:00 +0000https://ai-blog.noorshomelab.dev/news/dirty-frag-linux-lpe-vulnerability/<p>Unprivileged local users on a wide range of Linux distributions, including those released in the last seven years, face critical risk from &ldquo;Dirty Frag,&rdquo; a new local privilege escalation (LPE) vulnerability chain. Publicly disclosed on May 7, 2026, this flaw combines two distinct kernel vulnerabilities, primarily in the IPsec subsystem and RxRPC, enabling local privilege escalation to root. Active exploitation has been confirmed by multiple security vendors.</p> <h2 id="what-is-dirty-frag">What is Dirty Frag?</h2> <p>Dirty Frag is the collective name for a critical Linux kernel LPE vulnerability chain. It allows an attacker with local, unprivileged access to a system to escalate their privileges to <code>root</code>. This is achieved by chaining two distinct kernel bugs: one within the IPsec subsystem and another in RxRPC.</p>