'Dirty Frag' Exploit Poised to Blow Up on Enterprise Linux Distros

Dirty Frag is a Linux kernel vulnerability chain (CVE-2026-43284 and CVE-2026-43500) that allows local attackers to modify protected files in memory and escalate to root by abusing page-cache writes in the xfrm-ESP and rxrpc modules. A public proof-of-concept exists, patches are available for one CVE while the other is pending, several major distributions are affected, limited exploitation has been observed, and vendors and defenders are advised to apply mitigations (disable unused modules, harden local access) and prioritize kernel updates.