logo

DirtyClone Linux Kernel LPE Flaw Lets Local Users Gain Root Access

ID: 820f7eff-9365-5314-8543-1157f231419f

STIX ID: report--820f7eff-9365-5314-8543-1157f231419f

Feed Name: Cyber Press

Threat Score
78/100

Date Published: 2026-06-27

Date Updated: 2026-06-27

Author: Lucas Martin

...
...

DirtyClone (CVE-2026-43503) is a high-severity Linux kernel local privilege escalation in the DirtyFrag family that allows an unprivileged local user to gain root by exploiting a missing SKBFL_SHARED_FRAG flag propagation during packet cloning (via __pskb_copy_fclone()/netfilter TEE), enabling writes into file-backed page-cache memory without on-disk changes; affected distributions include Debian, Ubuntu, and Fedora where unprivileged user namespaces are enabled, and mitigations include upgrading to kernel v7.1-rc5 or applying backported patches, disabling unprivileged user namespaces, or blacklisting IPsec modules.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.