New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption

2026-05-14

1 min read

by info@thehackernews.com (The Hacker News)

Read Original

Get the latest tech trends every morning

Receive daily AI-curated summaries of engineering articles from top tech companies worldwide.

Endigest AI Core Summary

A new Linux kernel vulnerability called Fragnesia (CVE-2026-46300) allows unprivileged local attackers to gain root access through page cache corruption.

•The vulnerability exists in the Linux kernel's XFRM ESP-in-TCP subsystem and was discovered by researcher William Bowling of the V12 security team
•It enables deterministic page-cache corruption that modifies read-only file contents without requiring race conditions
•The exploit corrupts the /usr/bin/su binary in kernel page cache to grant root privileges on all major Linux distributions
•Multiple Linux distributions including Red Hat, Ubuntu, Debian, and Amazon Linux have released security advisories and patches
•Mitigations include AppArmor restrictions, disabling ESP/XFRM functionality, and restricting local shell access until patches are applied

New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption

Get the latest tech trends every morning

Endigest AI Core Summary

Related Articles

Building a safe, effective sandbox to enable Codex on Windows

Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access

Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets

ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories