Proof-of-concept (PoC) exploit code has been made public for a recently patched Linux kernel security flaw that enables local privilege escalation (LPE).
Nicknamed DirtyDecrypt (also known as DirtyCBC), the vulnerability was found and disclosed by the Zellic and V12 security team on May 9, 2026, only to learn from the maintainers that it duplicated an issue already fixed in the mainline kernel.
“It’s a rxgk pagecache write caused by a missing COW [copy-on-write] guard in rxgk_decrypt_skb,” said Zellic co-founder Luna Tong (also known as cts and gf_256) in a GitHub write-up.
While no CVE ID was officially shared, the flaw appears to correspond to CVE-2026-31635 (CVSS score: 7.5), since the NIST National Vulnerability Database (NVD) entry for that CVE links to the DirtyDecrypt PoC.
“The root cause lies in rxgk_decrypt_skb(), the routine responsible for decrypting incoming sk_buff (socket buffer) data on the receive side,” said Moselwal.
“This code path deals with memory pages partially shared with the page cache of other processes — a common Linux optimization safeguarded by copy-on-write: whenever a write targets a shared page, the system creates a private copy first to prevent the write from leaking into another process’s data.”
Without this COW guard in rxgk_decrypt_skb, data gets written directly into the memory of privileged processes or, in some exploit scenarios, into the page cache holding privileged files like /etc/shadow, /etc/sudoers, or a SUID binary — ultimately resulting in local privilege escalation.
DirtyDecrypt only affects distributions where CONFIG_RXGK is enabled, including Fedora, Arch Linux, and openSUSE Tumbleweed. In containerized setups, worker nodes running a vulnerable Linux kernel could offer a route to break out of the pod.
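A defender's first question is whether a given host is even in the affected population. The shell script below is an added example (not from the article or from Zellic) that reads the kernel build config, handling both the `CONFIG_X=y`/`=m` form and the `# CONFIG_X is not set` form, and reports whether CONFIG_RXGK is compiled in; it assumes the config lives at /boot/config-$(uname -r) or /proc/config.gz (a path may be passed as `$1`), and it answers only the build-config question, not whether the upstream fix is applied.

```shell
# Added example: is this host in the DirtyDecrypt-affected population?
# Assumption: kernel config at /boot/config-$(uname -r) or /proc/config.gz.

# config_value FILE OPTION -> y, m, a literal value, "n" for the
# "# OPTION is not set" form, or "unset" if OPTION never appears.
config_value() {
    _file=$1
    _opt=$2
    if grep -q "^${_opt}=" "$_file"; then
        sed -n "s/^${_opt}=//p" "$_file" | head -n 1
    elif grep -q "^# ${_opt} is not set" "$_file"; then
        echo n
    else
        echo unset
    fi
}

# rxgk_exposure FILE -> "exposed" when CONFIG_RXGK is built in (y) or a
# module (m), otherwise "not-exposed"; exit status 0 means exposed.
rxgk_exposure() {
    case "$(config_value "$1" CONFIG_RXGK)" in
        y|m) echo exposed; return 0 ;;
        *)   echo not-exposed; return 1 ;;
    esac
}

# find_config [PATH] -> path to a readable kernel config, or nothing.
find_config() {
    if [ -n "$1" ] && [ -r "$1" ]; then
        echo "$1"
    elif [ -r "/boot/config-$(uname -r)" ]; then
        echo "/boot/config-$(uname -r)"
    elif [ -r /proc/config.gz ]; then
        _tmp=$(mktemp) && zcat /proc/config.gz > "$_tmp" && echo "$_tmp"
    fi
}

cfg=$(find_config "$1")
if [ -n "$cfg" ]; then
    echo "$cfg: CONFIG_AF_RXRPC=$(config_value "$cfg" CONFIG_AF_RXRPC)" \
         "CONFIG_RXGK=$(config_value "$cfg" CONFIG_RXGK)" \
         "-> $(rxgk_exposure "$cfg")"
else
    echo "no readable kernel config found; pass a path as \$1" >&2
fi
```

A "not-exposed" result means rxgk is absent from this build; an "exposed" result says nothing about patch status, so the kernel version still has to be checked against the distribution's advisory.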
According to Zellic, this bug is considered a variant of Copy Fail (CVE-2026-31431), Dirty Frag aka Copy Fail 2 (CVE-2026-43284 and CVE-2026-43500), and Fragnesia (CVE-2026-46300), all of which grant root access on affected systems.
Copy Fail, a local privilege escalation bug in the AF_ALG cryptographic socket interface, was disclosed by Theori researchers on April 29, 2026. Dirty Frag followed just a week later, building on Copy Fail with two page-cache write primitives.
The Dirty Frag disclosure did not follow the planned schedule: security researcher Hyunwoo Kim was compelled to proceed with public disclosure after the agreed embargo window was cut short. A merged patch for CVE-2026-43284 on May 5 tipped off another researcher, who was unaware of the embargo, to examine the commit and independently publish details of the flaw.
“I reviewed the commit, identified the xfrm ESP-in-UDP MSG_SPLICE_PAGES no-COW path targeting shared pipe pages as an LPE primitive, and developed a PoC,” said the researcher, known online as 0xdeadbeefnetwork and afflicted.sh. “The work is n-day weaponization from a public upstream commit — standard practice once a security-relevant fix lands in a public tree.”
Fragnesia is yet another Dirty Frag variant, this time impacting the XFRM ESP-in-TCP subsystem. The result is the same: it lets unprivileged local attackers alter read-only file contents in the kernel page cache to gain root privileges.
This wave of discoveries coincides with an LPE flaw in the Linux PackageKit daemon (CVE-2026-41651, aka Pack2TheRoot, CVSS score: 8.8) and an improper privilege management bug in the kernel (CVE-2026-46333, aka ssh-keysign-pwn, CVSS score: 5.5), which allows an unprivileged local user to read root-owned secrets such as SSH private keys.
Several Linux distributions have issued advisories for CVE-2026-46333 –
Kernel Killswitch?
The rapid succession of new disclosures over just a few weeks has pushed Linux kernel developers to evaluate a proposal for an emergency “killswitch” — a mechanism that would let administrators disable vulnerable kernel functions on the fly until a patch for a zero-day vulnerability is ready.
“Killswitch allows a privileged operator to force a chosen kernel function to return a fixed value without executing its body, serving as a temporary mitigation for a security bug while a proper fix is being developed,” explained Linux kernel developer and maintainer Sasha Levin in the submitted proposal.
“The function simply returns the operator-provided value and nothing else runs in its place. There’s no allowlist or return-type validation — if the kprobe layer accepts the symbol, killswitch takes effect. Once activated, the change applies across every CPU until ‘disengage’ is written or the system is rebooted.”
Rocky Linux Debuts Security Repository
Meanwhile, Rocky Linux has launched an optional security repository designed to distribute critical security fixes rapidly, especially in cases where severe vulnerabilities become public before coordinated upstream patches are available.
“The repository is disabled by default — intentionally so,” the maintainers stated. “The default Rocky Linux experience remains exactly what it has always been: predictable, stable, and fully upstream-compatible. Administrators who need access to faster fixes can opt in when the need arises.”
This security repository targets “specific, narrow” situations where a serious vulnerability is already public, exploit code exists, and upstream patches are still unavailable. Rocky Linux has stressed that it does not replace the standard release process.
“If we push a fix and upstream later decides not to address the issue, the next upstream kernel release will override our patched version,” the maintainers added. “Users who haven’t version-locked their kernel will, at that point, lose our fix. That’s the trade-off we accepted when building this.”