Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: netfs: Call invalidatecache only if implemented Many fileystems, such as NFS and Ceph, do not implement the invalidatecache method. On these fileystems, if writing to the cache NETFSWRITETOCACHE fails for some reason, the kernel...

Astra Linux – Vulnerability in amd64-microcode

Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to influence the cache line write-back behavior of the CPU, resulting in a potential loss of integrity of the guest virtual machine VM memory...

dirtyfrag

Dirty Frag Overview Dirty Frag is a class of Linux ke...

org.apache.camel/camel-infinispan: Apache Camel camel-infinispan: Arbitrary code execution via deserialization of untrusted data

A flaw was found in the camel-infinispan component of Apache Camel. A remote attacker, with the ability to write to the Infinispan cache, can inject a specially crafted serialized Java object. When this object is deserialized during normal aggregation repository operations, it can lead to arbitra...

Dirty Frag: Using the Page Caches as an Attack Surface

Dirty Frag is a Linux local privilege escalation LPE chain published on May 7, 2026. It combines two previously unknown kernel vulnerabilities can allow an unprivileged local user to escalate to root on many major Linux distributions. xfrm-ESP Page-Cache Write CVE-2026-43284 RxRPC Page-Cache Writ...

Exploit for Write-what-where Condition in Linux Linux_Kernel

Dirty Frag Technical Analysis CVE-2026-43284 xfrm-ESP / C...

Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions

Details have emerged about a new, unpatched local privilege escalation LPE vulnerability impacting the Linux kernel. Dubbed Dirty Frag , it has been described as a successor to Copy Fail CVE-2026-31431, CVSS score: 7.8, a recently disclosed LPE flaw impacting the Linux kernel that has since come...

dirtyfrag

Dirty Frag: Universal Linux LPE Abstract !tuxasse...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ubifs: Fixed an issue where the refcount should be incremented after a page is set as private. MM defined the rule 1 very clearly: once a page is marked with the PGprivate flag, the refcount should be incremented for that page...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 — Copy Fail Local Privilege Escalation i...

Copy Fail AF_ALG + authencesn Page-Cache Write

CVE-2026-31431 is a logic flaw in the Linux kernel's authencesn AEAD template that, when reached via the AFALG socket interface combined with splice, allows an unprivileged local user to perform a controlled 4-byte write into the page cache of any readable file. Because the corrupted pages are...

Exploit for CVE-2026-31431

Copy Fail - CVE-2026-31431 This repository provides a Go port...

Exploit for CVE-2026-31431

CVE-2026-31431 Linux algifaead page-cache write to root - Lo...

Exploit for CVE-2026-31431

Copy Fail CVE-2026-31431 - Comprehensive Writeup 1. Vuln...

Exploit for CVE-2026-31431

CVE-2026-31431 "Copy Fail" — Universal LPE Exploit Linux...

Exploit for CVE-2026-31431

CVE-2026-31431 — "Copy Fail" Research Repository !Severity:...

Exploit for CVE-2026-31431

CVE-2026-31431 "Copy Fail" — Detection & Response Package P...

📄 MetInfo CMS 8.1 Code Injection

MetInfo CMS versions 8.1 and below suffer from a PHP code injection vulnerability in weixinreply.class.php. --------------------------------------------------------------------------- MetInfo CMS = 8.1 weixinreply.class.php PHP Code Injection Vulnerability...

SUSE CVE-2026-23232

In the Linux kernel, the following vulnerability has been resolved: Revert "f2fs: block cache/dio write during f2fsenablecheckpoint" This reverts commit 196c81fdd438f7ac429d5639090a9816abb9760a. Original patch may cause below deadlock, revert it. write remount - writebegin - lockpage --- lock A -...

EUVD-2026-9404

In the Linux kernel, the following vulnerability has been resolved: Revert "f2fs: block cache/dio write during f2fsenablecheckpoint" This reverts commit 196c81fdd438f7ac429d5639090a9816abb9760a. Original patch may cause below deadlock, revert it. write remount - writebegin - lockpage --- lock A -...