New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption

Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation (LPE) vulnerability that allows local attackers to gain root access, making it the third such bug to be identified in the kernel within a span of two weeks.

Codenamed Fragnesia, the security vulnerability is tracked as CVE-2026-46300 (CVSS score: 7.8) and is rooted in the Linux kernel's XFRM ESP-in-TCP subsystem. It was discovered by researcher William Bowling of Zellic and the V12 security team.

"The vulnerability allows unprivileged local attackers to modify read-only file contents in the kernel page cache and achieve root privileges through a deterministic page-cache corruption primitive," Google-owned Wiz said.

Advisories have been released by multiple Linux distributions -

AlmaLinux

New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption

Other newsrooms on this story

Related reading

New Fragnesia Linux flaw lets attackers gain root privileges

Other newsrooms on this story

Related reading

New Fragnesia Linux flaw lets attackers gain root privileges

Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major…

Dirty Frag gets a sequel as Fragnesia hands Linux attackers root-level access

Critical New Linux Zero-Day Leaked—What Admins Need To Do Now

'Dirty Frag' Linux flaw one-ups CopyFail with no patches and public root exploit

Dirty Frag is a new Linux bug putting your system at risk - and there's no…