A critical Linux kernel vulnerability, known as DirtyClone, has been discovered, allowing attackers to silently rewrite executables in memory and escalate to root privileges without leaving any disk trace. This flaw, identified as CVE-2026-43503 with a CVSS score of 8.8, is the fourth vulnerability in the DirtyFrag family, all of which stem from the same root cause: the kernel's failure to properly handle file-backed memory as packet data. JFrog Security Research published a working exploit walkthrough on June 25, highlighting the severity of this issue1. The vulnerability can be exploited if the kernel has not been updated with the May 21 mainline patch. This disclosure expands the active attack surface, making it essential for practitioners to prioritize updates based on their exposure and exploitation evidence. The presence of this vulnerability underscores the need for prompt patching to prevent potential root compromises, so what matters most is applying the necessary update to prevent attackers from leveraging this flaw.