Dirty Frag is a newly disclosed Linux kernel local privilege escalation vulnerability that chains two separate page-cache write flaws, allowing attackers to gain root privileges on virtually all major Linux distributions. Discovered by security researcher Hyunwoo Kim, the exploit modifies page cache in RAM deterministically without requiring timing windows or crashing the kernel, with a public proof-of-concept released following an embargo breach on May 7, 2026. Immediate mitigation involves disabling affected kernel modules until distribution-level patches, which are partially merged upstream, become available.
https://cybersecuritynews.com/dirty-frag-linux-vulnerability/

