MITRE ATT&CK Mapping

Elastic Security Labs Vulnerability Disclosure Linux May 9

Copy Fail and DirtyFrag: Linux Page Cache Bugs in the Wild

This research analyzes the Linux kernel privilege escalation vulnerabilities Copy Fail and DirtyFrag, which exploit subtle page cache corruption bugs to crea...

T1548

Elastic Security Labs →

SC Media Zero-Day Linux May 8

'Dirty Frag' Linux zero-day exposes most distributions to LPE

Dirty Frag Linux zero-day exposes most distributions to root privilege escalation.

T1548

SC Media →

Microsoft Security Blog Vulnerability Disclosure Microsoft Linux Docker May 8

Active attack: Dirty Frag Linux vulnerability expands post-compromise risk

Dirty Frag is a newly disclosed Linux local privilege escalation vulnerability affecting kernel networking and memory-fragment handling components including ...

T1190 T1548 T1068

Microsoft Security Blog →

Tenable Blog CVE Linux May 8

Dirty Frag (CVE-2026-43284, CVE-2026-43500): Frequently asked questions about this Linux kernel privilege escalation vulnerability chain

Weeks after the Copy Fail vulnerability was revealed, a new Linux kernel escalation vulnerability has been uncovered. Dubbed “Dirty Frag,” this flaw could al...

T1548 T1068 2 IOCs

Tenable Blog →

Help Net Security CVE Amazon Linux May 8

Dirty Frag: Unpatched Linux vulnerability delivers root access

A week after Copy Fail, another Linux local privilege escalation vulnerability dubbed “Dirty Frag” has been revealed, along with a PoC exploit. What is Dirty...

T1548 T1068 2 IOCs

Help Net Security →

Security Affairs Vulnerability Disclosure Red Hat Linux May 8

Dirty Frag: A new Linux privilege escalation vulnerability is already in the wild

Dirty Frag: unpatched Linux kernel flaw grants root access on Ubuntu, RHEL and Fedora. A working exploit is already public.

T1548

Security Affairs →

SANS ISC CVE Linux May 8

Another Universal Linux Local Privilege Escalation (LPE) Vulnerability: Dirty Frag, (Fri, May 8th)

Less than two weeks after the public disclosure of the Copy Fail vulnerability (CVE-2026-31431), another local privilege escalation (LPE) vulnerability in th...

T1548 T1068 1 IOC

SANS ISC →

GBHackers Vulnerability Disclosure Linux May 8

PoC Exploit Released for Dirty Frag Linux Kernel Vulnerability

A proof-of-concept exploit for a new Linux kernel vulnerability class dubbed “Dirty Frag”. This universal local privilege escalation vulnerability allows att...

T1548 T1068 T1598

GBHackers →

The Hacker News CVE Linux May 8

Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions

Details have emerged about a new, unpatched local privilege escalation (LPE) vulnerability impacting the Linux kernel. Dubbed Dirty Frag, it has been describ...

T1548 T1068 1 IOC

The Hacker News →

Cloudflare Blog Vulnerability Disclosure Cloudflare Linux May 7

How Cloudflare responded to the “Copy Fail” Linux vulnerability

When a critical Linux kernel privilege escalation was publicly disclosed, Cloudflare's security and engineering teams detected, investigated, and mitigated t...

T1548

Cloudflare Blog →

HackRead Vulnerability Disclosure Google GitHub May 6

Google Fixes CVSS 10 Gemini CLI Vulnerability Enabling GitHub Issue-Based RCE

Google patches a CVSS 10 Gemini CLI vulnerability that allowed hackers to use prompt injection and privilege escalation for a full supply chain compromise.

T1548 T1195

HackRead →

Information Security Buzz CVE Linux May 5

Copy Fail lands in CISA KEV as actively exploited Linux flaw threatens widespread privilege escalation

The Cybersecurity and Infrastructure Security Agency (CISA) has added another Linux kernel vulnerability, CVE-2026-31431, also known as Copy Fail, to the Kno...

T1548 1 IOC

Information Security Buzz →

Exploit Database Vulnerability Disclosure Linux May 4

[local] Linux Kernel proc_readdir_de() 6.18-rc5 - Local Privilege Escalation

Linux Kernel proc_readdir_de() 6.

T1548 T1068

Exploit Database →

Exploit Database Vulnerability Disclosure Linux May 4

[local] Linux nf_tables 6.19.3 - Local Privilege Escalation

Linux nf_tables 6.19.

T1548 T1068

Exploit Database →

Exploit Database Vulnerability Disclosure Microsoft May 4

[local] Windows 11 24H2 - Local Privilege Escalation

Windows 11 24H2 - Local Privilege Escalation

T1548 T1068

Exploit Database →

The Hacker News CVE Linux May 3

CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV

The U.S.

T1548 T1068 1 IOC

The Hacker News →

Microsoft Security Blog CVE Microsoft Linux Kubernetes May 2

CVE-2026-31431: Copy Fail vulnerability enables Linux root privilege escalation across cloud environments

A high-severity Linux vulnerability, “Copy Fail” (CVE-2026-31431), enables root privilege escalation across cloud environments and Kubernetes workloads. With...

T1548 1 IOC

Microsoft Security Blog →

Tenable Blog CVE Linux Apr 30

Copy Fail (CVE-2026-31431): Frequently asked questions about Linux kernel privilege escalation vulnerability

A flaw in the Linux kernel present since 2017 allows a local user to gain root access on virtually every major Linux distribution. A public exploit is availa...

T1548 T1068 1 IOC

Tenable Blog →

The Hacker News CVE Linux Apr 30

New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions

Cybersecurity researchers have disclosed details of a Linux local privilege escalation (LPE) flaw that could allow an unprivileged local user to obtain root....

T1548 T1068 2 IOCs

The Hacker News →

Exploit Database Vulnerability Disclosure Apr 29

[local] GNU InetUtils 2.6 - Telnetd Remote Privilege Escalation

GNU InetUtils 2.

T1548

Exploit Database →