DirtyClone: a Linux kernel privilege escalation that silently rewrites executables in memory, leaving no disk trace. Patch now.
JFrog Security Research published a working exploit walkthrough on June 25 for CVE-2026-43503 (CVSS score of 8.8), a Linux kernel privilege escalation they call DirtyClone. It’s the fourth vulnerability in the DirtyFrag family, all sharing the same root failure: file-backed memory gets treated as packet data, and an in-place network operation writes where it should have copied. If your kernel doesn’t have the May 21 mainline patch, update now.
“The severity of this issue is significant because it allows any unprivileged local user to gain root access (LPE) by manipulating the Linux page cache,” reads the report published by JFrog. “The attack is silent, leaves no kernel logs or audit traces, and bypasses common on-disk integrity monitoring tools.”

The attacker loads a privileged binary like /usr/bin/su into memory, wires those pages into a network packet, and forces the kernel to clone it through a loopback IPsec tunnel they control. The decryption step overwrites the binary’s authentication logic with attacker-chosen bytes, and the next run of su hands over root — while the file on disk stays untouched.
The exploit requires CAP_NET_ADMIN to configure the IPsec environment. On Debian and Fedora that capability is reachable by any local user through unprivileged user namespaces, which are enabled by default.
“The attacker begins by creating a fresh network namespace:
unshare -Urn
This provides network administrative capabilities inside the namespace,” continues the report. “While capabilities are namespaced, page cache is shared at the host level, so if file-backed pages are modified through shared mappings, the effects may propagate to other processes using those pages.”
Ubuntu 24.04 and later restrict namespace creation via AppArmor, blocking the default exploit path, but every other distribution with default namespace configurations is exposed.
The DirtyFrag family now has four members. Copy Fail (CVE-2026-31431) arrived in late April. DirtyFrag (CVE-2026-43284 and CVE-2026-43500) followed on May 7. Fragnesia (CVE-2026-46300) appeared on May 13, bypassing the DirtyFrag patch through a flag-dropping bug in skb_try_coalesce().
“DirtyFrag is a family of Linux kernel memory corruption vulnerabilities in the core networking stack affecting how socket buffers (skb) reference shared page-cache memory, which are subsequently weaponized through in-place cryptographic transformations in subsystems like XFRM/IPsec or RxRPC,” continues the report. “Despite targeting different packet cloning or forwarding paths, variants like DirtyFrag, Fragnesia, and DirtyClone all rely on a shared technique: tricking the kernel into treating read-only, file-backed page cache memory as writable network buffers.”
Each patch closed one code path and left others open. The underlying contract (every function that moves socket buffer fragments must preserve the shared-frag flag, every time) was never enforced consistently across the codebase.
The original DirtyFrag researcher Hyunwoo Kim submitted a broader multi-site patch on May 16 covering the remaining fragment-transfer helpers. JFrog independently rediscovered one of the affected functions on May 19, built a working exploit, and reported it. The combined fix merged on May 21, CVE-2026-43503 was published on May 23, and Linux v7.1-rc5 shipped on May 24 as the first fixed release. Ubuntu, Debian, and SUSE have published advisories; Red Hat has a Bugzilla tracking entry.
If patching today isn’t an option, two workarounds reduce the attack surface. Setting kernel.unprivileged_userns_clone=0 on Debian and Ubuntu blocks the namespace-based path to CAP_NET_ADMIN. Blacklisting the esp4, esp6, and rxrpc kernel modules removes the in-place decryption primitives the exploit needs, though that breaks IPsec and AFS. Neither is a fix. The DirtyFrag class probably isn’t finished: any fragment-transfer function that drops the shared-frag flag along the way is a potential new variant, and auditing every such path in the kernel networking stack is a large and unfinished job.
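The following script is an added example, not JFrog's code or the kernel's: it audits a host for the two workarounds named above (the unprivileged_userns_clone sysctl and the esp4/esp6/rxrpc module blacklist). It assumes Debian-style sysctl and modprobe.d layouts, and keeps the parsing separate from file reading so the checks can also be run against captured /proc and modprobe.d text.

```shell
#!/bin/sh
# Added example, not JFrog's or the kernel's code: audit the two DirtyClone
# workarounds. Parsing takes text arguments so it can run on captured files.

# userns_state VALUE: VALUE is the content of
# /proc/sys/kernel/unprivileged_userns_clone (empty if the sysctl is absent).
userns_state() {
  case "$1" in
    0) echo blocked ;;   # workaround applied: no unprivileged route to CAP_NET_ADMIN
    1) echo allowed ;;   # default on Debian/Fedora per the article
    *) echo unknown ;;   # sysctl absent (non-Debian kernel); check other controls
  esac
}

# module_state NAME MODULES MODPROBE: MODULES is /proc/modules text, MODPROBE the
# concatenated /etc/modprobe.d/*.conf text. Prints loaded, blacklisted, available.
# A module that is already loaded still provides the primitive, blacklist or not.
module_state() {
  name=$1
  if printf '%s\n' "$2" | grep -q "^$name "; then
    echo loaded
  elif printf '%s\n' "$3" | grep -Eq \
      "^[[:space:]]*(blacklist[[:space:]]+$name|install[[:space:]]+$name[[:space:]]+/bin/(false|true))[[:space:]]*$"; then
    echo blacklisted
  else
    echo available
  fi
}

# exposure_summary USERNS_STATE MODULE_STATE...: which of the two workarounds hold.
exposure_summary() {
  userns=$1; shift
  all_blocked=yes
  for s in "$@"; do [ "$s" = blacklisted ] || all_blocked=no; done
  if [ "$all_blocked" = yes ] && [ "$userns" = blocked ]; then echo both-workarounds
  elif [ "$all_blocked" = yes ]; then echo modules-only
  elif [ "$userns" = blocked ]; then echo userns-only
  else echo none
  fi
}

# check_host: run the checks against the live system (sh this_script.sh --host).
check_host() {
  u=$(userns_state "$(cat /proc/sys/kernel/unprivileged_userns_clone 2>/dev/null || true)")
  mods=$(cat /proc/modules 2>/dev/null || true)
  conf=$(cat /etc/modprobe.d/*.conf 2>/dev/null || true)
  e4=$(module_state esp4 "$mods" "$conf"); e6=$(module_state esp6 "$mods" "$conf")
  rx=$(module_state rxrpc "$mods" "$conf")
  printf 'userns=%s esp4=%s esp6=%s rxrpc=%s summary=%s\n' "$u" "$e4" "$e6" "$rx" \
    "$(exposure_summary "$u" "$e4" "$e6" "$rx")"
}
if [ "${1:-}" = "--host" ]; then check_host; fi
```

A result other than both-workarounds means at least one path the article describes is still open; even both-workarounds is a stopgap until the May 21 patch is installed.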
JFrog published a proof-of-concept video demonstrating exploitation of the flaw.
(SecurityAffairs – hacking, Linux)
