All Topics
All Topics
Technology
Technology
Design
Design
Programming
Programming
Science
Science
News
News
Gaming
Gaming
Entertainment
Entertainment
Business
Business
Finance
Finance
Sports
Sports
Health
Health
Food
Food
Travel
Travel
Art
Art
Music
Music
Books
Books
Education
Education
Politics
Politics
Personal
Personal
No algorithm. No AI slop. No ads. Just RSS. Pro-human. Indie writers. Real journalism. Open web. Chronological. Hand toasted.

Dirty Frag (CVE-2026-43284): Critical Linux Kernel Root Exploit Disclosed — Second Major Vulnerability in Eight Days

By

Gustavo Gallas

22d ago· 6 min readenNews
Bagel score 96 of 100
96/100
Golden Brown
Bagelometer

Hand-rolled, kettle-boiled, baked to perfection. Worth every minute at the bakery.

Score96TypenewsSentimentvery negative

Summary

A critical Linux kernel vulnerability called "Dirty Frag" (CVE-2026-43284 and CVE-2026-43500) has been publicly disclosed, giving root access to anyone who can run code on an unpatched server. This is the second major Linux root exploit in eight days, following "Copy Fail." A working exploit already exists, and servers not patched and rebooted since May 8, 2026 remain vulnerable. One of the two CVEs is already patched while the other is still being rolled out.

Key quotes

· 3 pulled
Eight days after Copy Fail shook the Linux server world, another critical vulnerability has arrived — and this one also hands root access to anyone who can run code on your server.
A working exploit already exists. And if your server has not been patched and rebooted since May 8, it is vulnerable right now.
Dirty Frag is the informal name for a chained exploit that combines two Linux kernel vulnerabilities: CVE-2026-43284 and CVE-2026-43500.
Snippet from the RSS feed
Eight days after Copy Fail shook the Linux server world, another critical vulnerability has arrived — and this one also hands root access to anyone who can run code on your server. It is called “Dirty Frag”. It was publicly disclosed on May 7, 2026. A wor

You might also wanna read

CIFSwitch Linux Vulnerability Allows Unprivileged Users to Gain Root Access via CIFS Flaw

A new Linux local-root privilege escalation vulnerability named CIFSwitch has been disclosed by researcher Asim Manizada. The flaw combines

almalinux.org·2d ago

AI-assisted vulnerability discovery raises concerns about Linux kernel security

This opinion article discusses a troubling trend in Linux security where AI-powered tools are being used to discover and exploit kernel vuln

theregister.com·1d ago

Critical 7-Zip vulnerability (CVE-8.8) enables code execution via crafted archive files; update to version 26.01 urged

A critical 8.8-rated CVE vulnerability has been discovered in the popular open-source archive utility 7-Zip. The flaw allows remote code exe

tomshardware.com·1d ago

Microsoft zero-day feud escalates as researcher threatens major exploit release on July 14

The ongoing feud between Microsoft and security researcher Nightmare Eclipse (aka Chaotic Eclipse) has escalated, with the researcher having

theregister.com·1d ago

Microsoft zero-day feud escalates as researcher threatens major exploit release on July 14

The ongoing feud between Microsoft and security researcher Nightmare Eclipse (aka Chaotic Eclipse) has escalated, with the researcher having

gigcitygeek.com·2d ago