Exploit for Write-what-where Condition in Linux Linux_Kernel_AD3CFC19-837C-599D-972C-39AEBBD5AA8E

7.8 / 10

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Description

Dirty Frag 深度技术分析 CVE-2026-43284 xfrm-ESP / CVE-2026-43500 RxRPC Linux 内核本地提权漏洞 — PoC 逆向 · Shellcode 拆解 · 补丁原理 · 检测脚本漏洞概述 Dirty Frag 通过链式利用 xfrm-ESP Page-Cache Write 和 RxRPC Page-Cache Write 两个独立漏洞，在几乎所有主流 Linux 发行版上实现本地普通用户到 root 的提权。 -...

Visit Original Source

Basic Information

ID AD3CFC19-837C-599D-972C-39AEBBD5AA8E

Published May 8, 2026 at 19:18

Modified May 8, 2026 at 19:27

{
    "lastseen": "2026-05-08T19:30:56",
    "description": "Dirty Frag \u6df1\u5ea6\u6280\u672f\u5206\u6790 CVE-2026-43284 xfrm-ESP / CVE-2026-43500 RxRPC Linux \u5185\u6838\u672c\u5730\u63d0\u6743\u6f0f\u6d1e \u2014 PoC \u9006\u5411 \u00b7 Shellcode \u62c6\u89e3 \u00b7 \u8865\u4e01\u539f\u7406 \u00b7 \u68c0\u6d4b\u811a\u672c \u6f0f\u6d1e\u6982\u8ff0 Dirty Frag \u901a\u8fc7\u94fe\u5f0f\u5229\u7528 xfrm-ESP Page-Cache Write \u548c RxRPC Page-Cache Write \u4e24\u4e2a\u72ec\u7acb\u6f0f\u6d1e\uff0c\u5728\u51e0\u4e4e\u6240\u6709\u4e3b\u6d41 Linux \u53d1\u884c\u7248\u4e0a\u5b9e\u73b0\u672c\u5730\u666e\u901a\u7528\u6237\u5230 root \u7684\u63d0\u6743\u3002 -...",
    "published": "2026-05-08T19:18:21",
    "modified": "2026-05-08T19:27:56",
    "type": "githubexploit",
    "title": "Exploit for Write-what-where Condition in Linux Linux_Kernel",
    "source": "",
    "references": "",
    "id": "AD3CFC19-837C-599D-972C-39AEBBD5AA8E",
    "bulletinFamily": "exploit",
    "cwe": null,
    "cvelist": [
        "CVE-2026-43284",
        "CVE-2026-43500"
    ],
    "sourceData": "",
    "sourceHref": "",
    "cvss": {
        "score": 7.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "https://github.com/lr1458644438/Dirty-Frag-Analysis",
    "category_name": "Exploit",
    "post_link": "",
    "product": "",
    "version": "",
    "vendor": "",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Description

Basic Information

💭 Join the Security Discussion ❌ Cancel Reply