DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability
Summary
A proof-of-concept (PoC) exploit has been released for a Linux kernel vulnerability, CVE-2026-31635, which allows for local privilege escalation. The vulnerability, named DirtyDecrypt or DirtyCBC, was reported by Zellic and V12 and is now patched.
IFF Assessment
The release of a PoC exploit for a local privilege escalation vulnerability is bad news for defenders as it can be used by attackers to gain higher privileges on compromised systems.
Severity
The vulnerability allows for Local Privilege Escalation (LPE), which typically has a high impact. Assuming a moderate attack vector (Local) and high impact on Confidentiality, Integrity, and Availability, a CVSS score in the high range is appropriate.
Defender Context
Defenders should prioritize patching their Linux systems immediately to mitigate the risk posed by this vulnerability. The availability of a PoC means that exploitation is more likely and could be incorporated into automated attack tools.