VMTech
+381 11 4150 20024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

PoC DirtyDecrypt: Linux Kernel LPE CVE-2026-31635

PoC DirtyDecrypt: LPE в ядре Linux CVE-2026-31635

Colleagues, a heads-up in cybersecurity: a PoC for DirtyDecrypt (CVE-2026-31635) has been published, enabling local privilege escalation.

Briefly:
- Cause: lack of COW protection in rxgk_decrypt_skb — allows writes to process memory/page cache.
- Affects kernels built with CONFIG_RXGK (Fedora, Arch, openSUSE Tumbleweed); container escapes are possible.
- Variant of Copy Fail/Dirty Frag/Fragnesia; PoC available, CVSS ≈ 7.5.
- Temporary mitigations (killswitch) and accelerated repos (Rocky Linux) are being discussed.

Why it matters: the exploit yields a path to root — urgent checks and patching required.

How do you plan to protect your hosts?

#cybersecurity #Linux #CVE #security

Latest comments

No comments yet.