Two Linux kernel local privilege escalation vulnerabilities emerged within the span of a single week, shaking the confidence of system administrators and security professionals. On April 29, 2026, security firm Theori disclosed Copy Fail (CVE-2026-31431), an AI-discovered logic flaw in the kernel’s cryptographic module. Just one week later, researcher Hyunwoo Kim published Dirty Frag (CVE-2026-43284 and CVE-2026-43500), a pair of chained page-cache bugs that together grant root access to every major Linux distribution. Understanding the dirty frag linux exploit and its companion Copy Fail requires examining five distinct mechanisms that make these vulnerabilities so dangerous.
Five Critical Exploit Components
The two disclosed vulnerabilities are actually a family of related page-cache write primitives. Each component plays a specific role in the attack chain. Below, we break down the five key exploit elements that security teams must understand to defend their systems.
1. Copy Fail: The AI-Discovered Logic Flaw
Theori’s tool Xint Code scanned the Linux crypto subsystem in about an hour using a single operator prompt. It uncovered a logic error in the algif_aead kernel module, introduced by an in-place optimisation back in 2017. An unprivileged local user can splice data into an AF_ALG socket, then complete a small write into the page cache of any file they do not own. Because the page cache is shared system-wide, this write can target setuid binaries and escalate privileges to root. Theori shipped a standalone 732-byte Python proof-of-concept that roots Ubuntu 24.04 LTS, Amazon Linux 2023, RHEL 10.1, and SUSE 16 without modification. This exploit represents the first commercially leveraged AI discovery in kernel-level privilege escalation, and it directly influenced the development of the dirty frag linux exploit.
2. Dirty Frag: The xfrm-ESP Page-Cache Write (CVE-2026-43284)
Hyunwoo Kim’s first variant targets the IPsec ESP (Encapsulating Security Payload) implementation in the esp4 and esp6 kernel modules. It provides a powerful arbitrary 4-byte STORE primitive similar to Copy Fail. This bug affects kernels from January 2017 up to a patch in May 2026. However, triggering it requires the privilege to create a network namespace. Some distributions, such as Ubuntu with restrictive AppArmor profiles, block unprivileged user namespace creation. In those environments, this variant cannot be used alone. Despite this limitation, the xfrm-ESP write is included in most distribution kernels and works out of the box on systems that allow namespace creation.
3. Dirty Frag: The RxRPC Page-Cache Write (CVE-2026-43500)
The second variant in the dirty frag linux exploit chain targets the RxRPC (Remote Procedure Call over UDP) kernel module. Unlike the xfrm-ESP variant, this bug does not require namespace creation privileges. Any unprivileged user can trigger it as long as the rxrpc.ko module is loaded. The vulnerability covers a narrower kernel window: from June 2023 (when the affected code path was introduced) to May 10, 2026. Most distributions do not load this module by default. Ubuntu is the notable exception — it loads rxrpc.ko at boot, making every Ubuntu release from Trusty Tahr (14.04 LTS) onward vulnerable to this variant. By chaining the two Dirty Frag bugs, Kim eliminated the blind spots that would otherwise protect each distribution.
You may also enjoy reading: WIRED’s 5 Best Live-Captioning Smart Glasses (2026 Tested).
4. The Deterministic Chaining That Defeats Mitigations
What makes the dirty frag linux exploit particularly alarming is that neither variant depends on a race condition. Kim describes them as deterministic logic bugs. A failed attempt does not panic the kernel, so an attacker can retry indefinitely with a high success rate. The chaining works as follows: on systems where the xfrm-ESP variant requires namespace creation but that privilege is blocked, the RxRPC variant takes over. On systems where RxRPC is not available, the xfrm-ESP variant works. The combination covers every major distribution tested — including RHEL, SUSE, Amazon Linux, and all Ubuntu releases. AlmaLinux published a detailed breakdown the same day as the disclosure, along with test kernels and production updates. Canonical assigned CVSS scores of 8.8 (HIGH) for CVE-2026-43284 and 7.8 (HIGH) for CVE-2026-43500, and released a mitigation guide.
5. The Broader Page-Cache Bug Class Legacy
Both Copy Fail and Dirty Frag belong to the same bug class as the 2022 Dirty Pipe vulnerability (CVE-2022-0847). All three exploit the kernel’s page cache to write data into files that the attacker does not own. The fundamental issue is that the page cache trusts that writes made through kernel internal operations will respect file permissions. In-place optimizations and logic errors in cryptographic and networking code paths bypass those permission checks. The disclosure timeline for Copy Fail shows a responsible process: reported on March 23, 2026; patches by March 25; mainline commit on April 1; CVE assigned on April 22; public disclosure on April 29. Dirty Frag, however, had an unusual disclosure: Kim published on May 7 before any patches or CVEs were officially assigned, breaking the embargo. The incident underscores how the page-cache attack surface continues to yield critical vulnerabilities years after Dirty Pipe first made headlines. Security teams must now treat every kernel subsystem that touches the page cache as a potential entry point for privilege escalation.
The rapid succession of these disclosures highlights the need for diligent patch management and continuous system monitoring. Organizations should immediately apply kernel updates from their distribution vendors, review AppArmor or SELinux policies around user namespaces and network keyrings, and consider whether unprivileged AF_ALG socket access can be restricted. The age and prevalence of these bugs — some dating back nearly a decade — remind us that even well-audited code can hide exploitable logic errors for years. Staying ahead of the dirty frag linux exploit and similar threats requires both proactive patching and a deeper understanding of the kernel internals that govern data integrity.
