Dirty Frag 0Day alert

iGuRu.gr > Dirty Frag 0Day alert
1 min read

A vulnerability in the Linux Kernel called “Dirty Frag” was recently discovered, which allows Local Privilege Escalation (LPE) to the root user.

“Dirty Frag” is a similar exploit to the recent vulnerability “Copy/Fail"(CVE-2026-31431) which was recently revealed and is a follow-up to a previous vulnerability called “Dirty Pipe” (CVE-2022-0847This vulnerability is in the Linux kernel itself and therefore exists in many Linux distributions.

Discover more articles in search results.
recommended source on Google

All servers running Linux Kernels after 2017 (starting around version 4.14) are vulnerable to this issue. It is possible for a local user to gain root-level access to a Linux server by modifying the cache that the kernel reads when loading a binary.

As this is a new vulnerability that was disclosed on May 7, 2026, statements have not yet been published by many upstream maintainers of various operating systems.

CloudLinux: https://blog.cloudlinux.com/dirty-frag-mitigation-and-kernel-update

AlmaLinux: https://almalinux.org/blog/2026-05-07-dirty-frag/

The vulnerability currently affects the following operating systems:

  • CloudLinux 7 Hybrid
  • AlmaLinux/Rocky Linux 8
  • CloudLinux 8
  • AlmaLinux/Rocky Linux 9
  • CloudLinux 9
  • Alma Linux 10
  • CloudLinux 10
  • Ubuntu 20.04
  • Ubuntu 22.04
  • Ubuntu 24.04

Google preferences

Leave a Comment

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).


Read Next