SecurityWeek · EN-US news source

‘DirtyClone’ Linux Kernel Vulnerability Leads to Root Access

By Ionut Arghire

JFrog disclosed details and a PoC for CVE-2026-43503, a high-severity (CVSS 8.8) local privilege escalation vulnerability in the Linux kernel that can let any local user obtain root access. The issue is a variant related to the DirtyFrag (Copy Fail 2) and Fragnesia vulnerability family, and it stems from memory corruption in the kernel’s networking skb processing and zero-copy page-cache interactions. Debian, Fedora, and Ubuntu are potentially impacted when unprivileged user namespaces are enabled. Attackers with CAP_NET_ADMIN on an affected kernel can escalate to root, which poses particular risk for multi-tenant cloud, Kubernetes, and container environments.