CVE Tools
Back to feed
The Hacker News ·EN News source

New DirtyClone Linux Kernel Flaw Lets Local Users Gain Root via Cloned Packets

By The Hacker News··3 min read
CVE Tools coverage

A newly disclosed Linux kernel flaw in the DirtyFrag family, called DirtyClone, can allow a local attacker to corrupt file-backed memory via cloned packet handling and achieve root privileges. The issue is tracked as CVE-2026-43503 (CVSS 8.8) and matters because the demonstrated technique modifies in-memory data only—so file integrity tools may not detect it and a reboot restores the original binary. JFrog Security Research has shared a working exploit, and the fix has already landed upstream; unpatched systems should update their kernels promptly.