TencentOS Server 4: kernel (TSSA-2026:0540)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0540 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

kernel: net/sched: act_pedit: extend the writable skb range per key

A flaw was found in the Linux kernel's traffic control packet editing pedit subsystem. In tcfpeditact, the copy-on-write COW range for skbensurewritable is computed once before iterating over edit keys, but the calculation does not account for runtime header offsets added by typed keys. This can...

CVE-2026-46331

In the Linux kernel, the following vulnerability has been resolved: net/sched: fix pedit partial COW leading to page cache corruption tcfpeditact computes the COW range for skbensurewritable once before the key loop using tcfpoffmaxhint, but the hint does not account for the runtime header offset...

CVE-2026-46331

In the Linux kernel, the following vulnerability has been resolved: net/sched: fix pedit partial COW leading to page cache corruption tcfpeditact computes the COW range for skbensurewritable once before the key loop using tcfpoffmaxhint, but the hint does not account for the runtime header offset...

Linux Distros Unpatched Vulnerability : CVE-2026-46331

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: fix pedit partial COW leading to page cache corruption tcfpeditact computes the COW range for skbensurewritable once before the key loop using...

kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged...

kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged...

kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

copy-fail CVE-2026-31431 Copy Fail – a C language PoC,...

Fedora 42 : kernel (2026-32ae3b7199)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-32ae3b7199 advisory. The 6.19.14-107 update contains a fix for a SKBFLSHAREDFRAG page-cache corruption vulnerability. Tenable has extracted the preceding description block direct...

kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged...

kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...

Fedora 43 : kernel (2026-3f85a4eba7)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3f85a4eba7 advisory. The 7.0.9-104/204 kernels contain a fix for a SKBFLSHAREDFRAG page-cache corruption vulnerability as well as some mitigations for PinTheft Tenable has...

Fedora 44 : kernel (2026-57965ac9f7)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-57965ac9f7 advisory. The 7.0.9-104/204 kernels contain a fix for a SKBFLSHAREDFRAG page-cache corruption vulnerability as well as some mitigations for PinTheft Tenable has...

kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...

kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...

kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...

PT-2026-49625

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds write flaw exists in the traffic control packet editing pedit subsystem of the Linux kernel. In the tcf pedit act function, the copy-on-write COW range for skb ensure...

New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption

Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation LPE vulnerability that allows local attackers to gain root access, making it the third such bug to be identified in the kernel within a span of two weeks. Codenamed Fragnesia , the security...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

██████╗ ██████╗ ██████╗...