DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability
ID: 0d6cbd6f-8255-5851-95ba-393e51bc8910
STIX ID: report--0d6cbd6f-8255-5851-95ba-393e51bc8910
Feed Name: The Hacker News
A proof-of-concept was published for a Linux kernel local privilege escalation vulnerability dubbed DirtyDecrypt (aka DirtyCBC, linked to CVE-2026-31635, CVSS 7.5). The flaw is a missing copy-on-write guard in rxgk_decrypt_skb that can write into privileged process memory or the page cache (e.g., /etc/shadow or SUID binaries), enabling local root escalation and potential container escapes. The report places DirtyDecrypt alongside related LPE variants (Copy Fail, Dirty Frag, Fragnesia) and notes vendor advisories, discussion of emergency mitigations (a kernel "killswitch"), and Rocky Linux's opt-in accelerated security repository.
