AVLEONOV 7.8 HIGH

About Elevation of Privilege – Linux Kernel “Fragnesia” (CVE-2026-46300) vulnerability

7.8 / 10
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description


**About Elevation of Privilege - Linux Kernel "Fragnesia" (CVE-2026-46300) vulnerability.** The vulnerability was discovered by researcher William Bowling together with the V12 team. Fragnesia belongs to the class of Dirty Frag vulnerabilities. It is an error in the ESP/XFRM subsystem, distinct from Dirty Frag, which was addressed with a separate patch. It allows achieving arbitrary byte writes into the kernel page cache of read-only files, without requiring any race condition.

🛠 Technical details and exploit code were published on May 15. The public exploit modifies the contents of /usr/bin/su in the kernel page cache, and then executes /usr/bin/su, resulting in the user obtaining a root shell. The on-disk binary is never modified. A reboot or cache flush restores normal system behavior.

⚙️ Fragnesia affects the same kernel versions as Dirty Frag. Any distribution shipping a kernel without the May 13 patch is vulnerable. The vulnerability was confirmed on Ubuntu 6.8.0-111-generic (April 11, 2026 build). Monitor kernel package updates for your Linux distribution(s).

For systems where a kernel update is not possible, the same workaround as for Dirty Frag is effective (blacklisting modules). Systems where the Dirty Frag workaround has already been applied are already protected against Fragnesia. Systems that only received Dirty Frag updates without applying the workaround remain vulnerable and require new updates addressing Fragnesia.
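
A check for the module workaround described above, as an added example rather than code from the original post: it reports whether a module is already loaded, blocked by an `install` override, or covered only by a `blacklist` line, which stops alias-based autoloading but not loading by name. The module names are not given on the page and must come from your distribution's advisory; the `PROC_MODULES` variable and the state names are this example's own.

```sh
#!/bin/sh
# Added example (not from the original post). Module names are NOT listed on
# the page: pass the ones named in your distribution's advisory as arguments.

# The kernel treats '-' and '_' in module names as the same character.
norm() { printf '%s' "$1" | tr '-' '_'; }

# module_state MODULE [CONF_DIR...]
# Prints: loaded | blocked | blacklist-only | unprotected
# PROC_MODULES (this example's own variable) overrides /proc/modules.
module_state() {
    mod=$(norm "$1"); shift
    [ "$#" -gt 0 ] || set -- /etc/modprobe.d /run/modprobe.d /usr/lib/modprobe.d /lib/modprobe.d
    # A module that is already loaded stays loaded whatever modprobe.d says.
    if awk -v m="$mod" '$1 == m { f = 1 } END { exit !f }' \
        "${PROC_MODULES:-/proc/modules}" 2>/dev/null; then
        echo loaded; return 0
    fi
    for d in "$@"; do
        for f in "$d"/*.conf; do
            if [ -f "$f" ]; then cat "$f"; echo; fi
        done
    done | awk -v m="$mod" '
        $1 ~ /^#/ { next }
        { name = $2; gsub(/-/, "_", name) }
        # "install <mod> /bin/false" replaces the load, so modprobe never inserts it.
        $1 == "install" && name == m && $3 ~ "(^|/)(false|true)$" { blocked = 1 }
        # "blacklist <mod>" only stops alias-based autoloading.
        $1 == "blacklist" && name == m { listed = 1 }
        END { print (blocked ? "blocked" : (listed ? "blacklist-only" : "unprotected")) }'
}

# Usage: sh check.sh MODULE...   (prints nothing when called without arguments)
for m in "$@"; do
    printf '%s: %s\n' "$m" "$(module_state "$m")"
done
```

A `loaded` result means the configuration change has not taken effect for that module yet; it needs to be unloaded or the system rebooted.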

Basic Information

ID AVLEONOV:DC2C567BE0A660C930F16FF6A180612B
Published May 28, 2026 at 14:00
