Next lack of security (named “Dirty Frag”) under Linux

🏷️ General
,
1

I have no support/technical question and have seen the support category. (Be aware that direct support questions will be deleted.)

on

Which general topic do you have

The next lack of security (named “Dirty Frag”) under Linux just has been published:
in German:
https://www.heise.de/news/Dirty-Frag-Linux-Luecken-verschaffen-root-Rechte-11286691.html

in english:

Verified with:

Ubuntu 24.04.4 (Kernel 6.17.0-23-generic)
RHEL 10.1 (Kernel 6.12.0-124.49.1.el10_1.x86_64)
openSUSE Tumbleweed (Kernel 7.0.2-1-default)
CentOS Stream 10 (Kernel 6.12.0-224.el10.x86_64)
AlmaLinux 10 (Kernel 6.12.0-124.52.3.el10_1.x86_64)
Fedora 44 (mit Kernel 6.19.14-300.fc44.x86_64)

(There are more distributions affected)

2

Here’s some additional information for Debian/Ubuntu users:

Debian 13 Trixie has already received a fix, so update your systems as soon as possible!

For reference:
https://security-tracker.debian.org/tracker/CVE-2026-43500
https://security-tracker.debian.org/tracker/CVE-2026-43284

On Ubuntu and older Debian versions, you can mitigate the issues manually as follows, until a fix is hopefully released for these systems soon:

https://ubuntu.com/blog/dirty-frag-linux-vulnerability-fixes-available