Home / Security updates / CVE-2026-43500, CVE-2026-46300 - Networking subsystem privilege escalation – Linux kernel (“Dirty Frag”)
CVE-2026-43500, CVE-2026-46300 - Networking subsystem privilege escalation – Linux kernel (“Dirty Frag”)
Security updates detail rendered from /security-updates/upd_90680c9b7125d2f5.
Overview
| ID | upd_90680c9b7125d2f5 |
| Collection | Security Updates |
| Provider | SafeBase |
| Company | Data Intensity |
| URL | - |
| Counts | - |
| Updated | - |
Raw record
| Field | Value |
|---|---|
| id | upd_90680c9b7125d2f5 |
| providerId | safebase |
| organizationId | org_a12b1d753425b571 |
| trustCenterId | tc_7629a3e02e64d865 |
| title | CVE-2026-43500, CVE-2026-46300 - Networking subsystem privilege escalation – Linux kernel (“Dirty Frag”) |
| message | Data Intensity is issuing a follow‑up notification regarding additional Linux kernel vulnerabilities identified after the previously communicated “Copy Fail” (CVE‑2026‑31431) advisory. Two newly disclosed vulnerabilities—CVE‑2026‑43500 and CVE‑2026‑46300—are part of a broader class of issues referred to collectively as “Dirty Frag” and its related variant “Fragnesia.” These vulnerabilities may allow a local user with limited access to elevate privileges to root, potentially resulting in full system control if exploited. The impact and the fix are nearly identical to "Copy Fail", requiring a kernel update to fix. As such we will be following the same remediation plan as the "Copy Fail" vulnerability to remediate and following up with already remediated customers to perform an additional action. As with "Copy Fail", these vulnerabilities are being exploited in the wild so we urge customers to patch as soon as possible. You can find additional information on these vulnerabilities he |
| url | - |
| publishedAt | 2026-05-18 |
| source | {
"field": "statuspage/public/compliance-update",
"category": "vulnerabilities"
} |
| company | {
"id": "org_a12b1d753425b571",
"name": "Data Intensity",
"domains": [
"trust.dataintensity.com",
"dataintensity.com"
]
} |
| trust_center | {
"id": "tc_7629a3e02e64d865",
"name": "Data Intensity",
"url": "https://trust.dataintensity.com",
"host": "trust.dataintensity.com"
} |
| provider | {
"id": "safebase",
"name": "SafeBase"
} |
| links | {
"self": "/v1/security-updates/upd_90680c9b7125d2f5",
"company": "/v1/companies/org_a12b1d753425b571",
"trust_center": "/v1/trust-centers/tc_7629a3e02e64d865",
"provider": "/v1/providers/safebase"
} |
Get this page with API
Rendered from the bluedoor Trust Centers API. Reproduce it:
GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_90680c9b7125d2f5JSON