- New Linux kernel vulnerability CVE‑2026‑46300 “Fragnesia” allows local attackers to take root
- Discovered by William Bowling of Zellic;
- PoC shows page cache corruption /usr/bin/su to get root shell
Security researchers have discovered a new vulnerability in the Linux kernel that could allow malicious actors to execute code with elevated privileges, putting systems at risk of data theft, malware deployment, and even complete device takeover.
The vulnerability is identified as CVE-2026-46300 and has received a severity score of 7.8/10 (high). It’s nicknamed Fragnesia and apparently belongs to the same vulnerability class as Dirty Frag, another recently revealed kernel bug.
While Dirty Frag is a chain of multiple flaws, Fragnesia presents itself in the form of a logical bug in the Linux XFRM EST-in-TCP subsystem. By writing arbitrary bytes to the cache of kernel pages containing read-only files, unprivileged local attackers can gain root privileges, thereby compromising the entire system.
Fixes and killswitches
The bug was discovered by William Bowling of Zellic, who also shared a proof of concept (PoC) that “performs a write-to-memory primitive in the kernel that is used to corrupt the page cache of the /usr/bin/su binary to obtain a root-privileged shell.”
“Fragnesia is a member of the Dirty Frag vulnerability class. This is a separate bug in ESP/XFRM from dirtyfrag that received its own patch. However, it is in the same surface and the mitigation is the same as for dirtyfrag,” Bowling said. “It exploits a logic bug in the Linux XFRM ESP-in-TCP subsystem to perform arbitrary byte writes to the read-only file kernel page cache, without requiring a race condition.”
To mitigate the risk, Linux users should apply kernel updates for their distributions without delay.
Linux kernel vulnerabilities are a hot topic these days. Prompted by Dirty Frag and Copy Fail, two recently revealed vulnerabilities, co-maintainer Sasha Levin proposed a new patch that would allow system administrators to temporarily disable a vulnerable kernel feature.
This way, if security researchers discover malicious code in the future, users can quickly tell the kernel not to use it. The feature would not fix the underlying issues, but because it would return an error, it could prevent the vulnerability from causing serious damage before a suitable patch is deployed.
The new feature is currently under review by the Linux community and has not yet been officially introduced.
Via BeepComputer
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds.
