CVE-2026-43500 and CVE-2026-43284: Dirty Frag Linux Privilege Escalation Flaw Raises Post-Compromise Risk
ID: b1f7f160-8d9d-5491-8316-267099b9109d
STIX ID: report--b1f7f160-8d9d-5491-8316-267099b9109d
Feed Name: SOC Prime Blog
Dirty Frag (CVE-2026-43500 combined with CVE-2026-43284) is a Linux kernel RxRPC page-cache write flaw that allows an unprivileged local user — or an attacker with limited code execution via SSH, web shell, or container escape — to escalate to root by corrupting cached memory rather than on-disk files; Microsoft reports observed post-compromise abuse and Qualys provides a public PoC. The report details the vulnerability mechanics, visibility and detection gaps (memory-only changes), affected distributions, observed attacker behaviors, and interim mitigations including disabling rxrpc, hardening access, increasing telemetry, and applying vendor patches when available.
