TECH NEWS

9-Year-Old Dirty Frag Vulnerability Enables Root Access on Linux Systems

https://hackread.com/wp-content/uploads/2026/05/9-year-old-dirty-frag-vulnerability-root-access-linux-1024x576.jpg

Dirty Frag is the collective name researchers assigned to two Linux vulnerabilities that existed in the Linux kernel for around nine years before being discovered.

Red Hat, a major American software firm, has released a report on two Linux kernel vulnerabilities collectively dubbed Dirty Frag. It is a local privilege escalation (LPE) vulnerability similar to the recently reported Copy Fail, allowing an unprivileged user with a basic local account to gain root access.

For context, in cybersecurity, root is the highest level of power possible, and getting it without permission is called privilege escalation.

According to researchers, the Dirty Frag vulnerability has existed for around nine years, and caused by a logic flaw in the networking sections of the system that handle the IPSec ESP (esp4 and esp6) and rxrpc modules. The IPSec ESP issue is tracked as CVE-2026-43284, whereas the rxrpc part is given the ID CVE-2026-43500.

...

Copyright of this story solely belongs to hackread.com. To see the full text click HERE

Read more

https://cdn.arstechnica.net/wp-content/uploads/2026/05/GettyImages-2164333125-1152x648.jpg

Two research papers describe how Google's Co-Scientist and nonprofit FutureHouse's AI tools can succeed at drug-retargeting tasks by forming hypotheses

Sponsor Posts Niantic Spatial: World models need real-world data — Scaniverse is the gateway to spatial services — self-serve and built for AI and robotics. Large-area 3D reconstruction from 360° cameras and precise localization, anywhere machines operate. Protecting your Cloud Applications Data — Backing up Office 365, Google Workspace, Dropbox & Salesforce data
https://static01.nyt.com/images/2026/05/18/multimedia/Biz-China-AI-01-pwzt/Biz-China-AI-01-pwzt-facebookJumbo.jpg

Three precedent-setting court rulings in China have said that employers replacing workers with AI is voluntary cost-cutting that does not justify mass layoffs

Sponsor Posts Niantic Spatial: World models need real-world data — Scaniverse is the gateway to spatial services — self-serve and built for AI and robotics. Large-area 3D reconstruction from 360° cameras and precise localization, anywhere machines operate. Protecting your Cloud Applications Data — Backing up Office 365, Google Workspace, Dropbox & Salesforce data