Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions
Summary
A new unpatched local privilege escalation vulnerability named Dirty Frag has been discovered in the Linux kernel. This vulnerability is considered a successor to the Copy Fail flaw and allows attackers to gain root access across major Linux distributions.
IFF Assessment
The Dirty Frag vulnerability allows attackers to escalate privileges to root access on Linux systems, which is a significant threat to defenders.
Severity
The CVSS score is estimated based on the description of Dirty Frag as a successor to Copy Fail (CVE-2026-31431), which has a CVSS score of 7.8. Local privilege escalation vulnerabilities typically have high scores due to their impact.
CISA KEV: Listed as actively exploited. Federal patch due: May 15, 2026. Known ransomware use: Unknown.
Defender Context
This vulnerability poses a critical risk to Linux systems, enabling attackers to gain complete control. Defenders should monitor for any patches or advisories related to Dirty Frag and ensure timely updates for Linux kernels to mitigate the risk of privilege escalation and system compromise.