CVE-2026-43284: "Dirty Frag" Local Privilege Escalation via Linux Kernel Page Cache Corruption Vulnerability ID: CVE-2026-43284 CVSS Score: 8.8 Published: 2026-05-08 CVE-2026-43284, identified as "Dirty Frag", is a critical local privilege escalation vulnerability in the Linux kernel's handling of shared socket buffer fragments during Encapsulating Security Payload (ESP) decryption. The flaw permits unprivileged local adversaries to corrupt the Linux page cache, establishing a write-what-where primitive that can be leveraged to overwrite read-only system files such as /etc/passwd and achieve immediate root privilege escalation. TL;DR A logic error in the Linux kernel allows unprivileged users to overwrite the memory cache of read-only files by exploiting the MSG_SPLICE_PAGES flag alongside ESP-in-UDP decryption. This enables direct manipulation of critical configuration files and arbitrary code execution as root.…