LINUX users are facing a second severe kernel vulnerability in as many weeks, this time dubbed Dirty Frag, which enables low-privilege or untrusted users to gain root access in shared environments as long as a separate exploit is present.
Exploit code was leaked online three days before the report and is said to work across virtually all Linux distributions; Microsoft researchers wrote that there are signs of limited in-the-wild exploitation and that patches should be applied promptly, with a reboot likely required. The flaws are tracked as CVE-2026-43284 and CVE-2026-43500, and the disclosure follows last week’s Copy Fail vulnerability that had no end-user patches at that time.
Several distributors—Debian, AlmaLinux, and Fedora—had released patches by the time the article went live, while others are advised to consult their official providers for mitigation steps. The story notes that Dirty Frag chains together two kernel flaws affecting page caches in networking and memory-fragment handling components, enabling attackers to obtain root via combined exploit potential across esp/xfrm and rxrpc paths.