Dave1d ago
Jan Schaumann

#DirtyFrag status/advisories:

AlmaLinux:
https://almalinux.org/blog/2026-05-07-dirty-frag/

Debian:
https://security-tracker.debian.org/tracker/CVE-2026-43500
https://security-tracker.debian.org/tracker/CVE-2026-43284

Gentoo:
https://bugs.gentoo.org/974307

RedHat:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2026-43284
https://access.redhat.com/security/cve/cve-2026-43284
nothing yet on CVE-2026-43500

Rocky:
https://kb.ciq.com/article/rocky-linux/rl-dirty-frag-mitigation

SUSE / OpenSUSE:
https://www.suse.com/security/cve/CVE-2026-43500.html
https://www.suse.com/security/cve/CVE-2026-43284.html
https://www.suse.com/c/addressing-copy-fail2-aka-dirtyfrag-in-suse-virtualization/

Ubuntu:
https://ubuntu.com/security/CVE-2026-43284
https://ubuntu.com/security/CVE-2026-43500
https://ubuntu.com/blog/dirty-frag-linux-vulnerability-fixes-available

AWS:
https://aws.amazon.com/security/security-bulletins/rss/2026-027-aws/
https://explore.alas.aws.amazon.com/CVE-2026-43284.html

Dirty Frag vulnerability fix is ready for testing

The AnnouncementA week after Copy Fail, researcher Hyunwoo Kim disclosed a second Linux kernel flaw in the same broad area — IPsec ESP and rxrpc — that they have named Dirty Frag. The bug lives in the in-place decryption fast paths of esp4, esp6, and rxrpc: when a socket buffer carries paged fragments that are not privately owned by the kernel (e.g. pipe pages attached via splice(2)/sendfile(2)/MSG_SPLICE_PAGES), the receive path decrypts directly over those externally-backed pages, exposing or corrupting plaintext that an unprivileged process still holds a reference to.

AlmaLinux OS
May 8 at 6:45pmWeb
Show threadzl2tod1d ago

@jschauma

It looks like patched kernels for Debian stable (Trixie) are on the servers.

No Changelogs though, a fairly sure sign of an active critical vulnerability.