Proof-of-concept (PoC) exploit code has now been released for a recently patched security flaw in the Linux kernel that could allow for local privilege escalation (LPE).
Dubbed DirtyDecrypt (aka DirtyCBC), the vulnerability was discovered and reported by the Zellic and V12 security team on May 9, 2026, only to be informed by the maintainers that it was a duplicate of a vulnerability that had already been patched in the mainline.
“It’s a rxgk pagecache write due to missing COW [copy-on-write] guard in rxgk_decrypt_skb,” Zellic co-founder Luna Tong (aka cts and gf_256) said in a description shared on GitHub.
Although the CVE identifier was not disclosed, the vulnerability in question is CVE-2026-31635 (CVSS score: 7.5) based on the fact that the NIST National Vulnerability Database (NVD) includes a link to the DirtyDecrypt PoC in its CVE record.
“The specific fault sits in rxgk_decrypt_skb(), the function that decrypts an incoming sk_buff (socket buffer) on the receive side,” Moselwal said.
“In this code path the kernel handles memory pages that are partly shared with the page cache of other processes – a normal Linux optimisation protected by copy-on-write: as soon as a write to a shared page happens, a private copy is made beforehand so that the write doesn’t bleed into another process’s data.”
The absence of this COW guard in rxgk_decrypt_skb means that data gets written to the memory of privileged processes or, depending on the exploit path, to the page cache of privileged files, such as etc/shadow, /etc/sudoers, or a SUID binary, leading to local privilege escalation.
DirtyDecrypt impacts only distributions with CONFIG_RXGK enabled, such as Fedora, Arch Linux, and openSUSE Tumbleweed. In containerized environments, worker nodes running a vulnerable version of Linux could provide a pathway to escape the pod.
The vulnerability, per Zellic, is assessed to be a variant of Copy Fail (CVE-2026-31431), Dirty Frag aka Copy Fail 2 (CVE-2026-43284 and CVE-2026-43500), and Fragnesia (CVE-2026-46300), all of which grant root access on vulnerable systems.
Copy Fail, a local privilege escalation flaw in the AF_ALG cryptographic socket interface, was disclosed by researchers at Theori on April 29, 2026. It was followed by Dirty Frag a week later. Dirty Frag expands on Copy Fail with two page-cache write primitives.
However, security researcher Hyunwoo Kim was forced to go ahead with public disclosure after the agreed-upon embargo window ended prematurely when a merged patch for CVE-2026-43284 on May 5 led another researcher, who was unaware of the embargo, to analyze and independently publish details of the defect.
“I read the commit, recognized the xfrm ESP-in-UDP MSG_SPLICE_PAGES no-COW path against shared pipe pages as an LPE primitive, and built a PoC,” the researcher, who goes by the online aliases 0xdeadbeefnetwork and afflicted.sh, noted. “The work is n-day weaponization from a public upstream commit, which is standard practice once a security-relevant fix lands in a public tree.”
Fragnesia is another variant of Dirty Frag and impacts the XFRM ESP-in-TCP subsystem. But the outcome is the same: it allows unprivileged local attackers to modify read-only file contents in the kernel page cache and obtain root privileges.
The development dovetails with the discovery of an LPE flaw in the Linux PackageKit daemon (CVE-2026-41651 aka Pack2TheRoot, CVSS score: 8.8) and an improper privilege management flaw in the kernel (CVE-2026-46333 aka ssh-keysign-pwn, CVSS score: 5.5), which allows an unprivileged local user to read root-owned secrets like SSH private keys.
Various Linux distributions have released advisories for CVE-2026-46333 –
Kernel Killswitch?
The flurry of new disclosures within a span of a few weeks has prompted Linux kernel developers to review a proposal for an emergency “killswitch” that would allow administrators to disable vulnerable kernel functions at runtime until a patch for a zero-day vulnerability becomes available.
“Killswitch lets a privileged operator make a chosen kernel function return a fixed value without executing its body, as a temporary mitigation for a security bug while a real fix is being prepared,” according to a proposal submitted by Linux kernel developer and maintainer Sasha Levin.
“The function returns the operator-supplied value and nothing else runs in its place. There is no allowlist, no return-type check; if the kprobe layer accepts the symbol, killswitch engages it. Once engaged, the change is in effect on every CPU until “disengage“ is written or the system reboots.”
Rocky Linux Debuts Security Repository
Rocky Linux, for its part, has introduced an optional security repository that allows the distribution to ship urgent security fixes quickly, particularly in scenarios where severe vulnerabilities become public knowledge before coordinated upstream fixes arrive.
“The repository is disabled by default. That’s intentional,” the maintainers said. “The default Rocky Linux experience stays exactly what it has always been: predictable, stable, and fully upstream-compatible. Administrators who want access to accelerated fixes can opt in when they need it.”
The security repository specifically caters to “specific, narrow” cases where a significant vulnerability is public, exploit code exists, and upstream patches are not available yet. Rocky Linux has emphasized that it’s not a replacement for the regular release process.
“If we push a fix and upstream decides not to address it, the next upstream kernel release will supersede our patched version,” the maintainers added. “Users who haven’t version-locked their kernel will, at that point, no longer have our fix. That’s the trade-off we accepted when building this.”
