Researchers disclosed Fragnesia (CVE-2026-46300), a Linux kernel local privilege escalation flaw that allows an unprivileged local user to gain root by corrupting the kernel page cache for read-only files. The bug, discovered by William Bowling of Zellic and the V12 team, is described as a new variant in the Dirty Frag family and affects Linux kernels released before May 13, 2026. It stems from faulty bookkeeping when shared page fragments are merged in socket buffers and can be triggered through the kernel's XFRM ESP-in-TCP path, with additional exposure through rxrpc on some systems. A public proof-of-concept exploit modifies the in-memory copy of files such as /usr/bin/su to spawn a root shell while leaving the on-disk binary unchanged, reducing forensic visibility.
Vendors and distributions moved quickly to publish advisories, patches, and mitigations as exploit code became public. AlmaLinux said releases 8, 9, and 10 are affected through esp4 and esp6, with AlmaLinux 9 and 10 also exposed through rxrpc when kernel-modules-partner is installed, and released backported fixes ahead of upstream vendor updates. Recommended mitigations include disabling or blacklisting the esp4, esp6, and rxrpc kernel modules, restricting unprivileged user namespaces, and monitoring for suspicious namespace creation or XFRM manipulation; AlmaLinux also advised dropping page cache if compromise is suspected. The disclosure comes amid heightened concern over Linux local-root bugs in the same code area, and one cybercrime forum post reportedly advertised a Linux LPE zero-day for sale for $170,000.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
12 events from the most recent confirmed update back to the earliest known activity.
Fixes for CVE-2026-46300 were propagated to multiple Linux stable branches by preserving the SKBFL_SHARED_FRAG marker during fragment transfer in skb_try_coalesce(). ENISA's EUVD entry published on May 23 also linked kernel.org stable commits and numerous SUSE advisories documenting the remediation.
Gentoo published an advisory on Copy Fail, Dirty Frag, and Fragnesia, stating that although upstream kernel releases were still vulnerable to Fragnesia, all supported Gentoo kernels already included the latest Fragnesia v5 patch. The distribution recommended using security-supported Gentoo kernel packages and automating kernel upgrades instead of relying on vulnerable vanilla kernel packages.
V12 published details of a Fragnesia-related Linux kernel variant that bypasses the CVE-2026-46300 fix through an unpatched skb_segment() path, enabling the same deterministic page-cache write primitive and local root escalation. The disclosure said the issue had been reported, but as of 2026-05-15 no merged patch fixed the root cause, though a pending netdev change might partially reduce exposure.
ThreatMon reported that a threat actor using the name berz0k was advertising a Linux local privilege escalation zero-day for sale on cybercrime forums for $170,000. The seller claimed the exploit worked across major Linux distributions, though no direct link to Fragnesia was confirmed.
Following disclosure, multiple Linux distributions issued advisories, and vendors including Microsoft and Red Hat recommended patching or applying mitigations such as disabling esp4, esp6, rxrpc, or related XFRM/IPsec functionality. Some distributions were also reported to have issued backported patches.
Researchers publicly disclosed Fragnesia as a new Dirty Frag-family Linux kernel local privilege escalation vulnerability tracked as CVE-2026-46300. Reports said it affects all Linux kernels released before May 13, 2026 and allows deterministic page-cache corruption leading to root access.
A candidate upstream patch for Fragnesia was submitted to the Linux netdev mailing list. This marked the start of the coordinated upstream remediation effort for kernels released before May 13, 2026.
AlmaLinux announced that AlmaLinux 8, 9, and 10 were affected and, because Red Hat patches were not yet available, backported the upstream fix and released patched kernels to its testing repository. It also published mitigations including blacklisting esp4, esp6, and rxrpc modules.
A working proof-of-concept exploit for CVE-2026-46300 was published on May 13, 2026. The exploit demonstrated modifying the in-memory copy of a read-only file such as /usr/bin/su to spawn a root shell without changing the on-disk file.
William Bowling of the V12 security team discovered Fragnesia, a Linux local privilege escalation flaw later assigned CVE-2026-46300. The bug affects kernel socket-buffer handling in ESP/IPsec and related code paths, enabling page-cache corruption and root escalation by a local unprivileged user.
An oss-sec discussion said commit f4c50a4034e6, introduced as a fix for CVE-2026-43284, accidentally activated the vulnerable code path later dubbed Fragnesia or "copyfail 3.0." The post estimated the exposure window at about nine days until upstream correction and noted exploitation generally requires user-namespace creation unless chained with another flaw.
Sam James posted an oss-security message disclosing the Linux local privilege escalation flaw later tracked as CVE-2026-46300, describing it as a new Dirty Frag-class bug in the XFRM ESP-in-TCP path. The post included exploit details and noted that a fix had been posted to netdev but had not yet landed in netdev, Linus's tree, or stable kernels.
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
27 references tracked. Mallory keeps watching after this page renders.
euvd.enisa.europa.eu
Open sourcegentoo.org
Open sourcescworld.com
Open sourcethecyberexpress.com
Open sourceseclists.org
Open sourcelwn.net
Open sourcedeb.freexian.com
Open sourcesecurity-tracker.debian.org
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.