
A second zero-day in the Linux kernel was reported within 10 days, this time “Dirty Frag,” a bug that, much like the recent “Copy Fail” vulnerability, affects practically all Linux distributions.

The new Linux bug was disclosed by security researcher Hyunwoo Kim, who also released a proof-of-concept exploit. Following the disclosure, NIST on May 8 released CVE-2026-43284 with a high-severity rating of 7.8. No patches are yet known to be available.

Ben Ronallo, principal cybersecurity engineer at Black Duck, said there are technically two CVEs, CVE-2026-43284 and CVE-2026-43500: the first contains the primary details of the vulnerability class, while the second was reserved for any unpatched kernels over time.

Ronallo said Dirty Frag functions much like Copy Fail and Dirty Pipe (from 2022) in that they attack page caches in the system where in-place crypto operations take place. Ronallo said Copy Fail, Dirty Pipe, and Dirty Frag all exploit the same root cause, but Dirty Frag is not limited to a single Linux subsystem, whereas Copy Fail is limited to only algif_aead and Dirty Pipe is limited to pipe_buffer.

“With two variants and full exploit code published by the researchers, it’s only a matter of hours or days before this is weaponized,” said Ronallo. “Security teams should be investigating and deploying mitigation or other controls immediately.”

David Brumley, chief AI and science officer at Bugcrowd, said Dirty Frag was discovered by the legendary Hyunwoo Kim, and it is in the same class as Copy Fail and Dirty Pipe. Brumley said it has the same impact in that virtually every Linux distribution is vulnerable, and the fix for Copy Fail alone doesn’t suffice.

Brumley explained that the real signal here is that advanced AI security tools are important, but they don’t clear the board of all vulnerabilities. Copy Fail was found with advanced AI analysis, said Brumley, but the related Dirty Frag bug was still missed.

“That’s not a knock on AI,” said Brumley. “It’s already helping tremendously. It’s a reminder that vulnerability classes are rarely exhausted by a single pass, even a very good one. Independent researchers still matter because they bring different intuitions, different workflows, and different failure modes.”

Jacob Krell, senior director of secure AI solutions and cybersecurity at Suzu Labs, explained that Dirty Frag and Copy Fail are similar because both are Linux local privilege escalation (LPE) flaws in the broader page-cache corruption family. Krell said in both cases the attacker abuses kernel behavior around cached file-backed memory rather than simply modifying a protected file on disk. Copy Fail involved the Linux `algif_aead` crypto interface, `AF_ALG`, and `splice()`, allowing a small controlled write into page-cache-backed memory.

Krell said Dirty Frag reaches a similar result through different kernel paths. It involves IPsec ESP/xfrm and RxRPC, and it chains separate issues rather than following the same crypto interface path as Copy Fail.

“The operational impact is similar, but the route is different,” said Krell. “That’s the important point. This is not the same bug repeated. It’s the same class of kernel memory-handling weakness showing up in different subsystems. The practical lesson is that defenders need to track public exploit activity, upstream patches, and distribution advisories, not just wait for a finalized database entry.”

Gidi Cohen, chief executive officer of Bonfy, added that Dirty Frag is another reminder that the most dangerous vulnerabilities aren’t the flashy remote exploits; they’re the quiet, deterministic logic flaws that sit unnoticed for nearly a decade and give attackers perfect reliability once discovered.

“Like Copy Fail, Dirty Frag shows how a single overlooked write primitive in the kernel’s page-cache machinery can collapse every trust boundary above it,” said Cohen. “These bugs don’t just escalate privileges; they erode the foundational assumption that system-level content is immutable.”

Cohen said it’s a clear lesson for organizations: privilege-escalation flaws don’t stay confined to the OS. Once an attacker becomes root, every AI system, agent, and data pipeline running on that machine inherits the compromise.

“As AI-driven workflows accelerate, the blast radius of a kernel-level bug becomes exponentially larger, turning a local LPE into a full-stack data-integrity and confidentiality event,” said Cohen.
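A host-triage script for the subsystems the article names, added here as an example that is not part of the article or of any vendor advisory: it reports which of the related kernel modules are currently loaded and which a modprobe.d rule already blocks, so a fleet can be checked against the distribution advisory. The module names (algif_aead for Copy Fail's AF_ALG path; esp4, esp6, xfrm_user, xfrm_interface and rxrpc for Dirty Frag's IPsec ESP/xfrm and RxRPC paths), the /proc/modules and /etc/modprobe.d paths, and the built-in sample table are my assumptions, and whether blocking a module is an acceptable control is for the advisory to say.

```shell
#!/bin/sh
# Added example, not from the article. Module-to-subsystem mapping is an assumption:
# Copy Fail (algif_aead / AF_ALG) and Dirty Frag (IPsec ESP/xfrm, RxRPC).
WATCHED_MODULES="algif_aead esp4 esp6 xfrm_user xfrm_interface rxrpc"

# loaded_watched MODULES_TEXT -> prints watched modules present in a /proc/modules
# style listing (first field is the module name), one per line.
loaded_watched() {
  _text="$1"
  for m in $WATCHED_MODULES; do
    if printf '%s\n' "$_text" | awk -v m="$m" '$1 == m { found=1 } END { exit !found }'; then
      printf '%s\n' "$m"
    fi
  done
}

# blocked_watched CONF_TEXT -> prints watched modules that a modprobe.d
# "blacklist <m>" or "install <m> /bin/false" line already covers.
blocked_watched() {
  _conf="$1"
  for m in $WATCHED_MODULES; do
    if printf '%s\n' "$_conf" | grep -Eq "^[[:space:]]*(blacklist[[:space:]]+$m|install[[:space:]]+$m[[:space:]]+/bin/(false|true))([[:space:]]|\$)"; then
      printf '%s\n' "$m"
    fi
  done
}

# Constructed sample input standing in for /proc/modules and /etc/modprobe.d/*.conf.
SAMPLE_MODULES='rxrpc 180224 1 afs, Live 0x0000000000000000
esp4 28672 0 - Live 0x0000000000000000
xfrm_user 45056 1 - Live 0x0000000000000000
ext4 1048576 2 - Live 0x0000000000000000'
SAMPLE_CONF='# constructed sample modprobe.d fragment
blacklist algif_aead
install rxrpc /bin/false'

if [ "${1:-}" = "--live" ]; then
  # Real run: read the live module table and modprobe configuration of this host.
  loaded=$(loaded_watched "$(cat /proc/modules 2>/dev/null)")
  blocked=$(blocked_watched "$(cat /etc/modprobe.d/*.conf 2>/dev/null)")
else
  loaded=$(loaded_watched "$SAMPLE_MODULES")
  blocked=$(blocked_watched "$SAMPLE_CONF")
fi
printf 'loaded watched modules:\n%s\n' "${loaded:-(none)}"
printf 'modules already blocked in modprobe.d:\n%s\n' "${blocked:-(none)}"
```

Run with `--live` to inspect the host instead of the constructed sample; a module that is built into the kernel rather than loaded as a module will not appear in /proc/modules and needs a separate check against the kernel config.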
