Home / Security updates / Security Advisory - CVE-2026-43284: Analysis, Scope, and Remediation Plan
Security Advisory - CVE-2026-43284: Analysis, Scope, and Remediation Plan
Security updates detail rendered from /security-updates/upd_869ca7e7339c67b9.
Overview
| ID | upd_869ca7e7339c67b9 |
| Collection | Security Updates |
| Provider | SafeBase |
| Company | Scaleway |
| URL | - |
| Counts | - |
| Updated | - |
Raw record
| Field | Value |
|---|---|
| id | upd_869ca7e7339c67b9 |
| providerId | safebase |
| organizationId | org_9c40dfe3f8d30eb8 |
| trustCenterId | tc_97ceaa0bb95c8ff7 |
| title | Security Advisory - CVE-2026-43284: Analysis, Scope, and Remediation Plan |
| message | # Security Advisory - CVE-2026-43284: Analysis, Scope, and Remediation Plan Hello, This is an information note regarding **CVE-2026-43284**, known as **"Dirty Frag"**. This vulnerability was reported on **May 07, 2026**. It represents with **CopyFail (cf a previous post)**, another local privilege escalation vulnerability in the Linux kernel, with a potential impact on the entire global Linux fleet. Our security team became aware of this disclosure the same day it was published and immediately initiated the necessary investigations. This flaw is a sequel of **CopyFail** that allows a malicious user to perform a **Local Privilege Escalation (LPE)**. - On a standard server, it allows a standard user to become `root` (administrator). - In a containerized environment (such as **Docker** or **Kubernetes**), it allows for a container escape to take control of the host node. The impacted kernel modules is `ESP` which is used by the protocol IP-SEC and `RxRPC` which is used by the AF |
| url | - |
| publishedAt | 2026-05-11 |
| source | {
"field": "statuspage/public/compliance-update",
"category": "vulnerabilities"
} |
| company | {
"id": "org_9c40dfe3f8d30eb8",
"name": "Scaleway",
"domains": [
"security.scaleway.com",
"scaleway.com"
]
} |
| trust_center | {
"id": "tc_97ceaa0bb95c8ff7",
"name": "Scaleway",
"url": "https://security.scaleway.com",
"host": "security.scaleway.com"
} |
| provider | {
"id": "safebase",
"name": "SafeBase"
} |
| links | {
"self": "/v1/security-updates/upd_869ca7e7339c67b9",
"company": "/v1/companies/org_9c40dfe3f8d30eb8",
"trust_center": "/v1/trust-centers/tc_97ceaa0bb95c8ff7",
"provider": "/v1/providers/safebase"
} |
Get this page with API
Rendered from the bluedoor Trust Centers API. Reproduce it:
GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_869ca7e7339c67b9JSON