THE article discusses a new Linux kernel vulnerability named DirtyClone (CVE-2026-43503), discovered by JFrog Security Research. This is the fourth vulnerability in the DirtyFrag family, allowing unprivileged local users to escalate privileges to root by manipulating the Linux page cache without leaving traces. The exploit, which has a CVSS score of 8.8, enables attackers to rewrite executables in memory indirectly, thus bypassing typical security measures.
It primarily affects distributions like Debian and Fedora, while Ubuntu 24.04 restricts the attack vector. Patching is advised, as previous exploits in this family remain unaddressed, indicating further risks. Workarounds include disabling unprivileged user namespaces and blacklisting certain kernel modules.