= DirtyFrag =

It is a Linux local privilege escalation (LPE) named Dirty Frag. Combination of CVE-2026-43284 and CVE-2026-43500.
 * https://www.cve.org/CVERecord?id=CVE-2026-43284
 * https://www.tenable.com/blog/dirty-frag-cve-2026-43284-cve-2026-43500-frequently-asked-questions-linux-kernel-lpe

Affected kernel modules seem to be esp4, esp6 and rxrpc.

== Mitigation ==
{{{#!highlight sh
sudo bash
sh -c "printf 'install esp4 /bin/false\ninstall esp6 /bin/false\ninstall rxrpc /bin/false\n' > /etc/modprobe.d/dirtyfrag.conf; rmmod esp4 esp6 rxrpc 2>/dev/null; echo 3 > /proc/sys/vm/drop_caches; true"

cat /etc/modprobe.d/dirtyfrag.conf 
}}}