A newly discovered Linux kernel vulnerability, known as Dirty Frag, enables unprivileged local users to escalate privileges and gain full root access on major distributions, including Ubuntu, RHEL, and Fedora. This flaw is related to the Dirty Pipe family of vulnerabilities, but bypasses the Copy Fail mitigation, rendering existing patches ineffective. As a result, systems that have applied the algif_aead blacklist are still vulnerable to Dirty Frag. A working exploit is already publicly available, allowing attackers to leverage this vulnerability [1]. The vulnerability's impact is significant, as it can be exploited by local users to gain unrestricted access to sensitive data and systems. This vulnerability matters to security practitioners because it highlights the need for urgent patching and mitigation measures to prevent potential attacks on Linux-based systems.
Dirty Frag: A new Linux privilege escalation vulnerability is already in the wild
⚡ High Priority
Why This Matters
Security researchers have disclosed a new unpatched vulnerability in the Linux kernel, code-named Dirty Frag, that allows an unprivileged local user to gain full root access on.
References
- SecurityAffairs. (2026, May 8). Dirty Frag: A new Linux privilege escalation vulnerability is already in the wild. SecurityAffairs. https://securityaffairs.com/191847/hacking/dirty-frag-a-new-linux-privilege-escalation-vulnerability-is-already-in-the-wild.html
Original Source
SecurityAffairs