VMTech
+381 11 4150 20024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

Fragnesia (CVE-2026-46300): local LPE via page-cache corruption in XFRM ESP-in-TCP

Fragnesia (CVE-2026-46300): локальное LPE через коррумпирование page cache в XFRM ESP-in-TCP

Colleagues, please note a cybersecurity advisory: Fragnesia (CVE-2026-46300) — a local vulnerability in the Linux kernel XFRM ESP-in-TCP subsystem that allows page-cache writes and escalation to root.

— Discovered by William Bowling (V12 team); PoC published.
— Affects major distributions; vendors have issued advisories.
— Mitigations: apply patches urgently; if unavailable, adopt Dirty Frag mitigations (disable esp4/esp6/xfrm, restrict local shell access, harden containers, increase monitoring).

Why it matters: a simple local page-cache write can yield immediate root on many systems.

What steps have you taken to secure your infrastructure?

#кибербезопасность #Linux #уязвимости #инфобез

Latest comments

No comments yet.