CVE-2026-43284

Published May 8, 2026

Last updated a month ago

CVSS high 8.8
AWS
Ubuntu
Container Security
Server
ESP
Dirty Frag

Overview

AI description

Automated description summarized from trusted sources.

CVE-2026-43284, one of the flaws behind the "Dirty Frag" vulnerability, is in the Linux kernel's xfrm-ESP subsystem. The kernel performs in-place decryption on shared `skb` (socket buffer) fragments. Specifically, when `MSG_SPLICE_PAGES` attaches pages from a pipe directly to an `skb`, the IPv4/IPv6 datagram append paths did not mark UDP `skb`s built from those spliced pages with `SKBFL_SHARED_FRAG`. As a result, the ESP input path decrypts in place over buffers that are not privately owned by the `skb`, allowing unprivileged processes to retain references to the resulting plaintext. This effectively provides a write primitive into the page cache. The vulnerability was introduced in January 2017 and is related to a fast path for IPsec ESP receive. It is often discussed together with CVE-2026-43500, because the two flaws combined can be leveraged for local privilege escalation by manipulating the page cache to corrupt privileged files.

Description
In the Linux kernel, the following vulnerability has been resolved:

xfrm: esp: avoid in-place decrypt on shared skb frags

MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths that may modify packet data can first make a private copy.

The IPv4/IPv6 datagram append paths did not set this flag when splicing pages into UDP skbs. That leaves an ESP-in-UDP packet made from shared pipe pages looking like an ordinary uncloned nonlinear skb. ESP input then takes the no-COW fast path for uncloned skbs without a frag_list and decrypts in place over data that is not owned privately by the skb.

Mark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching TCP. Also make ESP input fall back to skb_cow_data() when the flag is present, so ESP does not decrypt externally backed frags in place. Private nonlinear skb frags still use the existing fast path.

This intentionally does not change ESP output. In esp_output_head(), the path that appends the ESP trailer to existing skb tailroom without calling skb_cow_data() is not reachable for nonlinear skbs: skb_tailroom() returns zero when skb->data_len is nonzero, while ESP tailen is positive. Thus ESP output will either use the separate destination-frag path or fall back to skb_cow_data().
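The path selection the description walks through, as an added userspace model in C (not kernel source and not part of the original record). The struct, the function names and the sample sizes are assumptions made for illustration; only the conditions come from the description above.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Userspace model only: these names are illustrative, not kernel definitions. */
struct skb_model {
    bool   cloned;        /* data shared with another skb */
    bool   has_frag_list; /* chained skbs present */
    bool   shared_frag;   /* stands in for SKBFL_SHARED_FRAG */
    size_t data_len;      /* bytes in page frags; nonzero means nonlinear */
    size_t linear_room;   /* free bytes after the linear data */
};

enum esp_path { ESP_IN_PLACE, ESP_COW_COPY };

/* UDP skb built from spliced pipe pages (constructed sample values).
 * append_fixed selects whether the datagram append path sets the flag. */
static struct skb_model udp_spliced_skb(bool append_fixed)
{
    struct skb_model s = { false, false, append_fixed, 1400, 0 };
    return s;
}

/* ESP input: choose between decrypting in place and copying first.
 * input_fixed selects whether the shared-frag flag is honoured. */
static enum esp_path esp_input_path(const struct skb_model *s, bool input_fixed)
{
    if (!s->cloned) {
        if (s->data_len == 0)
            return ESP_IN_PLACE;              /* linear, private */
        if (!s->has_frag_list && !(input_fixed && s->shared_frag))
            return ESP_IN_PLACE;              /* no-COW fast path */
    }
    return ESP_COW_COPY;                      /* models skb_cow_data() */
}

/* Models skb_tailroom(): zero whenever the skb is nonlinear. */
static size_t model_tailroom(const struct skb_model *s)
{
    return s->data_len ? 0 : s->linear_room;
}

/* ESP output may append the trailer in place only if it fits in tailroom. */
static bool esp_output_appends_in_tailroom(const struct skb_model *s, size_t tailen)
{
    return tailen <= model_tailroom(s);
}

int main(void)
{
    struct skb_model before = udp_spliced_skb(false);
    struct skb_model after  = udp_spliced_skb(true);
    printf("unpatched input: %s\n",
           esp_input_path(&before, false) == ESP_IN_PLACE ? "in place" : "copy");
    printf("patched input:   %s\n",
           esp_input_path(&after, true) == ESP_IN_PLACE ? "in place" : "copy");
    printf("output tailroom append on nonlinear skb: %d\n",
           esp_output_appends_in_tailroom(&after, 16));
    return 0;
}
```

In this model neither half of the fix is enough alone: setting the flag without the input check, or checking for a flag that was never set, still selects the in-place path.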
Source
416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD status
Modified
Products
linux_kernel

Risk scores

CVSS 3.1

Type
Secondary
Base score
8.8
Impact score
6
Exploitability score
2
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Severity
HIGH

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-123

Social media

Hype score
Not currently trending
  1. Unpopular opinion: The cybersecurity industry is selling you dashboards. This week handed cloud-native security teams a convergent crisis: a deterministic Linux kernel privilege escalation chain ("Dirty Frag," CVE-2026-43284 + CVE-2026-43500) with a public PoC sits…

    @lyrie_ai

    21 Jun 2026

    47 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  2. CVE-2026-43284 TL;DR "Dirty Frag" (CVE-2026-43284, CVE-2026-43500) is a newly disclosed, unpatched Linux kernel local privilege escalation vulnerability chain affecting all major distributions.

    @lyrie_ai

    15 Jun 2026

    51 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    1 Reply

    0 Quotes

  3. A local privilege escalation vulnerability in the Linux kernel that lets a regular user gain root privileges, dubbed Dirty Frag. Identifiers: CVE-2026-43284, CVE-2026-43500. Components: esp4, esp6, rxrpc kernel modul

    @KasperskyDev

    7 Jun 2026

    211 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  4. Dirty Frag / Kukurigu: Universal Linux kernel LPE chain. 3 CVEs (CVE-2026-43284/CVE-2026-43500/CVE-2026-46300) chain to write arbitrary data to page-cache pages via splice(). Root in <3s. PoC in 18h. Worse than Dirty COW — no race needed. https://t.co/dQxfhG91Rm

    @BunSnack

    6 Jun 2026

    7 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  5. Two local privilege escalation flaws CVE-2026-31431 and CVE-2026-43284 in Ubuntu 18.04 and 20.04 LTS kernels, including Raspberry Pi and Azure variants, are under active exploitation, Ubuntu Security Notices USN-8390 and USN-8391 said. https://t.co/1sWdt9AJY9

    @threatcluster

    5 Jun 2026

    74 Impressions

    0 Retweets

    0 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  6. 2026 Linux password reset tutorial collection - Dirty Cow (CVE-2016-5195) - Dirty Pipe (CVE-2022-0847) - io_uring UAF (CVE-2022-2602) - Copy Fail (CVE-2026-31431) - io_uring ZCRX freelist (CVE-2026-43121) - Dirty Frag (CVE-2026-43284 CVE-2026-43500) - Fragnesia (CVE-2026-46300)

    @furlingdu

    1 Jun 2026

    158 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. Linux Kernel “Dirty Frag” Local Privilege Escalation (LPE), CVE-2026-43284 & CVE-2026-43500 https://t.co/yWHTqpxw1z

    @Djax_Alpha

    27 May 2026

    190 Impressions

    0 Retweets

    1 Like

    1 Bookmark

    0 Replies

    0 Quotes

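  8. [Multiple vulnerabilities in the Linux kernel: watch out for privilege escalation and container environments] JVN has published multiple vulnerabilities in the Linux kernel. With the Dirty Frag-related CVE-2026-43284 / CVE-2026-43500 and Copy Fail's CVE-2026-31431, an authenticated local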

    @01ra66it

    26 May 2026

    725 Impressions

    1 Retweet

    5 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  9. 🚨 HIGH: CVE-2026-43284 (CVSS 7.8) Linux kernel ESP in-place decrypt flaw on shared skb frags. Affects ESP-in-UDP packets using MSG_SPLICE_PAGES. Patch immediately. #CVE #Vulnerability #PatchNow #Linux https://t.co/5lENATXeLL

    @DFIR_Lab

    26 May 2026

    50 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

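  10. Just came across something a bit outrageous: DirtyFrag, a Linux kernel exploit chain that escalates privileges reliably without needing to win a race window. In essence it chains two page-cache write vulnerabilities (CVE-2026-43284 + CVE-2026-43500) and directly overwrites kernel pages to get root. It is the same class of bug as Dirty Pipe,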

    @vintcessun

    25 May 2026

    24 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. - Dirty Cow (CVE-2016-5195) - Dirty Pipe (CVE-2022-0847) - io_uring UAF (CVE-2022-2602) - Copy Fail (CVE-2026-31431) - io_uring ZCRX freelist (CVE-2026-43121) - Dirty Frag (CVE-2026-43284 CVE-2026-43500) - Fragnesia (CVE-2026-46300) -PinTheft (CVE-2026-43494)

    @luadoles

    22 May 2026

    193 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  12. The complete Linux password reset collection - Dirty Cow (CVE-2016-5195) - Dirty Pipe (CVE-2022-0847) - io_uring UAF (CVE-2022-2602) - Copy Fail (CVE-2026-31431) - io_uring ZCRX freelist (CVE-2026-43121) - Dirty Frag (CVE-2026-43284 CVE-2026-43500) - Fragnesia (CVE-2026-46300) -PinTheft (CVE-2026-4

    @hsn8086k

    22 May 2026

    37707 Impressions

    101 Retweets

    633 Likes

    317 Bookmarks

    40 Replies

    7 Quotes

  13. CVE-2026-43284 + CVE-2026-43500 Dirty Frag: privilege escalation via the page cache on Linux https://t.co/DUYBrgfu1D

    @Blogredorbita

    18 May 2026

    58 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. The new "Dirty Frag" CVE (CVE-2026-43284) is another reminder: patches fix 1 problem. Learning to automate your response fixes ALL of them. Read more -> https://t.co/2zDovm2m88 #SUSE #Security https://t.co/a43PEjqupQ

    @Cezar_H_Linux

    18 May 2026

    54 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  15. A rundown of the (recent) Linux kernel vulnerabilities (as of May 18): ・Copy Fail / CVE-2026-31431 ・Dirty Frag (Copy Fail 2) / CVE-2026-43284, CVE-2026-43500 ・Fragnesia / CVE-2026-46300 ・DirtyDecrypt (Fragnesia variant). The barrage of LPEs is a nuisance.

    @_hito_

    18 May 2026

    2501 Impressions

    13 Retweets

    18 Likes

    7 Bookmarks

    0 Replies

    1 Quote

  16. A KB is out for Dirty Flag / Fragnesia too. Looks similar to Copy Fail, I guess. Impact Evaluation of CVE-2026-43284, CVE-2026-43500, and CVE-2026-46300 (Dirty Frag/Fragnesia) of VMware by Broadcom product portfolio https://t.co/R0qATFzxuo

    @IrieMasahiro

    18 May 2026

    415 Impressions

    3 Retweets

    4 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  17. Azure Kubernetes Fleet Manager now enables at-scale mitigation of CVE-2026-31431 and CVE-2026-43284/43500 using DaemonSet. Enhance your cloud security with efficient vulnerability management. #NerdieCloud #CloudNews #CloudUpdates #Azure #Microsoft #CloudSecurity https://t.co/A1Qr

    @NewsNerdie

    16 May 2026

    54 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  18. nu11secur1ty: CVE-2026-43284 / CVE-2026-43500 / CVE-2026-46300 -... https://t.co/Njo9b6A8Fa

    @nu11secur1ty1

    16 May 2026

    49 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  19. In the Linux world, critical root exploits have surfaced one after another over the last 2 weeks: • Copy Fail (CVE-2026-31431) • Dirty Frag (CVE-2026-43284) • Fragnesia. Ubuntu, Debian, Arch, RHEL and even WSL2 are among those affected. The common thread: normal user → root privileges.

    @yuceltoluyag

    16 May 2026

    56 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  20. A rundown of the (recent) Linux kernel vulnerabilities: ・Copy Fail / CVE-2026-31431 ・Dirty Frag / CVE-2026-43284, CVE-2026-43500 ・Fragnesia / CVE-2026-46300 ・Fragnesia variant / no CVE assigned yet <- a new variant that appeared on 5/16 (Japan time)

    @_hito_

    16 May 2026

    608 Impressions

    8 Retweets

    17 Likes

    5 Bookmarks

    0 Replies

    0 Quotes

  21. 📰 RadioCSIRT Newsletter, No. 54. In this issue for the week of May 9 to 15, 2026: the Dirty Frag family (CVE-2026-43284 / 43500), YellowKey versus BitLocker, CVE-2026-40361 zero-click Outlook, AMD-SB-7052, Shai-Hulud, and much more. https://t.co/fSsRlrZgPs ⚡ We don't think

    @marcfredericgo

    16 May 2026

    92 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  22. I built a tool for assessing, patching and verifying CVE-2026-31431, CVE-2026-43284 and CVE-2026-43500, better known as Copy Fail and Dirty Frag. A single Linux executable can assess, remediate, verify (amd64 and arm64 supported; rollback supported too) https://t.co

    @skshin2000

    16 May 2026

    164 Impressions

    2 Retweets

    3 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  23. BREAKING: SUSE Linux ships critical kernel fixes for CVE-2026-43284 and CVE-2026-43500 affecting Enterprise 15 SP6, 16.0 and Micro 6.0/6.1, with public PoCs driving urgent patching. https://t.co/O0ZUmmjqsh

    @threatcluster

    15 May 2026

    60 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  24. Patching Dirty Frag (CVE-2026-43284/CVE-2026-43500) on Oracle Linux? This script works. But after you patch, you need to understand the next 0-day. Read more -> https://t.co/vpF08XYMdP https://t.co/UJL9DlCHWJ

    @Cezar_H_Linux

    15 May 2026

    59 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  25. 🚨 Dirty Frag = root access via RAM corruption. No disk writes. FIM blind. CVE-2026-43284 + CVE-2026-43500 hit RHEL, Ubuntu, Debian & more. Patch now, blacklist esp4/esp6/rxrpc. Read here: https://t.co/WksXdUWmK6 #LinuxSecurity #CyberThreats https://t.co/Ch89IHZk6p

    @sequretek_sqtk

    15 May 2026

    43 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  26. 2026: how to reset your password on Linux - Dirty Cow (CVE-2016-5195) - Dirty Pipe (CVE-2022-0847) - io_uring UAF (CVE-2022-2602) - Copy Fail (CVE-2026-31431) - io_uring ZCRX freelist (CVE-2026-43121) - Dirty Frag (CVE-2026-43284 CVE-2026-43500) - Fragnesia (CVE-2026-46300)

    @sayaalauun

    14 May 2026

    76 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  27. Dirty Frag (CVE-2026-43284 and CVE-2026-43500): detecting unpatched local privilege escalation via Linux kernel ESP and RxRPC https://t.co/TCjAhoy9mX

    @TYOBlackHatNews

    14 May 2026

    36 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  28. CachyOS patches Dirty Frag and Copy Fail in the Linux kernel. Within one week, two serious security vulnerabilities in the Linux kernel became publicly known: Copy Fail (CVE-2026-31431) and Dirty Frag (CVE-2026-43284 and CVE-2026-43500). Both vulnerabilities make it possible

    @tec4net

    14 May 2026

    69 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  29. Them: Linux is most secure OS Me: Yes - Dirty Cow (CVE-2016-5195) - Dirty Pipe (CVE-2022-0847) - io_uring UAF (CVE-2022-2602) - Copy Fail (CVE-2026-31431) - io_uring ZCRX freelist (CVE-2026-43121) - Dirty Frag (CVE-2026-43284 CVE-2026-43500) - Fragnesia (CVE-2026-46300)

    @hetmehtaa

    14 May 2026

    72711 Impressions

    41 Retweets

    378 Likes

    163 Bookmarks

    40 Replies

    15 Quotes

  30. 😮‍💨 As many as three critical vulnerabilities in Linux in one month: Copy Fail (CVE-2026-31431), DirtyFrag (CVE-2026-43284 and CVE-2026-43500), and the newest, from the same Kernel LPE family, Fragnesia (CVE-2026-46300), which was

    @manbiitesdog

    14 May 2026

    157 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  31. Four critical Linux kernel LPEs in just 15 days. This isn't just a bad week; it’s a historic threat to Linux infrastructure. 🚨Copy Fail (CVE-2026-31431) 🚨Dirty Frag (CVE-2026-43284) 🚨Copy Fail 2 (CVE-2026-43500) 🚨Fragnesia (CVE-2026-46300) Every single one of t

    @Maxprotectsoc

    14 May 2026

    129 Impressions

    1 Retweet

    3 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  32. Four critical Linux kernel LPEs in just 15 days. This isn't just a bad week; it’s a historic threat to Linux infrastructure. 🚨Copy Fail (CVE-2026-31431) 🚨Dirty Frag (CVE-2026-43284) 🚨Copy Fail 2 (CVE-2026-43500) 🚨Fragnesia (CVE-2026-46300) Every single one of t

    @Maxprotectsoc

    14 May 2026

    10 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  33. Dirty Frag (CVE-2026-43284 & CVE-2026-43500) - [ Indonesia Language ] This video discusses Dirty Frag (CVE-2026-43284 & CVE-2026-43500), a Linux kernel vulnerability that enables Local Privilege Escalation (LPE). https://t.co/g2VDY4mv0s

    @roomkangali

    14 May 2026

    134 Impressions

    2 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  34. 2026 Linux password reset tutorial collection - Dirty Cow (CVE-2016-5195) - Dirty Pipe (CVE-2022-0847) - io_uring UAF (CVE-2022-2602) - Copy Fail (CVE-2026-31431) - io_uring ZCRX freelist (CVE-2026-43121) - Dirty Frag (CVE-2026-43284 CVE-2026-43500) - Fragnesia (CVE-2026-46300)

    @hsn8086k

    14 May 2026

    69819 Impressions

    179 Retweets

    1061 Likes

    459 Bookmarks

    12 Replies

    11 Quotes

  35. These don't fit in my memory buffer... ・Copy Fail / CVE-2026-31431 ・Dirty Frag / CVE-2026-43284, CVE-2026-43500 ・Fragnesia / CVE-2026-46300

    @_hito_

    14 May 2026

    26921 Impressions

    37 Retweets

    230 Likes

    117 Bookmarks

    1 Reply

    3 Quotes

  36. "Dirty Frag (CVE-2026-43284 and CVE-2026-43500): Detecting unpatched local privilege escalation via ESP and RxRPC in the Linux kernel" https://t.co/N7ZezgXsEu #DirtyFrag #Vulnerability #PrivilegeEscalation #CyberSecurity #Sysdig

    @TakaoShimizu1

    13 May 2026

    84 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

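  37. Linux "Dirty Frag"-type privilege escalation: for one of them (CVE-2026-43284) a fixed version has been released. For CVE-2026-43500, none has been provided for the major distros yet. Rather than "patch everything and done," the realistic approach right now is the three-part set of update + mitigation + monitoring. https://t.co/qTWKEgms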

    @rakushu_sec

    13 May 2026

    76 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  38. Dirty Frag (CVE-2026-43284 & CVE-2026-43500) gives attackers a near-certain path from minor foothold to full root access—silently—across virtually every major enterprise Linux distribution. Patch now. Learn more here: 🔗 https://t.co/NVQh3zkWQc https://t.co/oGvCx1Chzm

    @safebreach

    13 May 2026

    141 Impressions

    1 Retweet

    2 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  39. Linux faces a second severe vulnerability in two weeks. The Dirty Frag exploit allows administrator access via CVE-2026-43284 and CVE-2026-43500. Patches from Debian, AlmaLinux and Fedora. Install

    @ssict

    13 May 2026

    49 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  40. Dirty Frag (CVE-2026-43284, CVE-2026-43500): Frequently asked questions about this Linux kernel privilege escalation vulnerability chain https://t.co/YwgDBpNLUV https://t.co/CIVOjOLHTK

    @dansantanna

    13 May 2026

    44 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  41. 🚨 #AlertaSOC New critical vulnerabilities in the Linux kernel, CVE-2026-43284 and CVE-2026-43500, affecting the xfrm/ESP (IPsec) path and the RxRPC module/protocol, respectively. #CiberseguridadAND Update the kernel as soon as possible 🔗 https://t.co/02bpl

    @CentroCiberAND

    13 May 2026

    112 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  42. Top 5 Trending CVEs: 1 - CVE-2026-6973 2 - CVE-2026-41940 3 - CVE-2026-43284 4 - CVE-2026-33634 5 - CVE-2026-42248 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    12 May 2026

    123 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

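  43. 🚨 New Linux vulnerability "Dirty Frag" may be being exploited in attacks (CVE-2026-43284, CVE-2026-43500) 💡 Following last week's vulnerability disclosure, a kill switch for the Linux kernel is proposed (CVE-2026-31431) ~ Cyber Alert, May 12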

    @MachinaRecord

    12 May 2026

    168 Impressions

    1 Retweet

    2 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  44. CVE-2026-43284: The Dirty Frag Linux vulnerability (CVE-2026-43284 & CVE-2026-43500) is being actively exploited in the wild. Learn how to secure your servers from this root LPE exploit. #DirtyFrag #LinuxSecurity #CyberSecurity #ZeroDay #Vulnerability #ExploitInTheWild…

    @lyrie_ai

    12 May 2026

    69 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  45. Dirty Frag — CVE-2026-43284 / CVE-2026-43500 Detection Script https://t.co/Nz7UOzh43g

    @jedisct1

    11 May 2026

    622 Impressions

    0 Retweets

    0 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  46. Dirty Frag (CVE-2026-43284, CVE-2026-43500): Frequently asked questions about this Linux kernel privilege escalation vulnerability chain https://t.co/sMBGdL0Emh https://t.co/6iecQje2oH

    @EAlexStark

    11 May 2026

    58 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  47. Dirty Frag (CVE-2026-43284, CVE-2026-43500): Frequently asked questions about this Linux kernel privilege escalation vulnerability chain https://t.co/bcaG0fVEbl https://t.co/43U54oq63P

    @Trej0Jass

    11 May 2026

    33 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  48. Over the weekend, we responded to the critical "DirtyFrag" Linux vulnerability (CVE-2026-43284 and CVE-2026-43500) by deploying an emergency kernel patch across all regions. While our systems are not affected by the RxRPC vulnerability (CVE-2026-43500) as we don't compile that

    @upsundotcom

    11 May 2026

    268 Impressions

    2 Retweets

    5 Likes

    0 Bookmarks

    0 Replies

    1 Quote

  49. 🚨 New CVEs w/ exploits: osTicket CSRF (CVE-2026-8194), Canias ERP RCE (CVE-2026-8217), GDAL overflow & more. Linux 'Dirty Frag' LPE chain for root (CVE-2026-43284/43500). HN buzz: AI fatigue, cloud costs, local AI. Patch fast! Simplify stacks. #infosec #Linux

    @cageyvdev

    11 May 2026

    36 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  50. CVE-2025-68670 — xrdp pre-auth RCE Zero creds needed. Port 3389 access = RCE. Chain: xrdp RCE → Dirty Frag (CVE-2026-43284) = remote-to-root OpenCanary: 158,515 RDP hits this week. Patch now. Block 3389 from internet. #ThreatIntel #CVE #RDP #CVE202568670

    @NoctisIntel

    9 May 2026

    365 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations