From "ordinary user" to root. A new vulnerability in Linux requires neither hacking experience nor luck.
A dangerous vulnerability in Linux called Fragnasia has been discovered, which allows an ordinary user to gain full control over the system.
The problem affects the Linux kernel and has already received the identifier CVE-2026-46300. Distributor developers have begun releasing security updates.
— The vulnerability is related to an error in the XFRM ESP-in-TCP subsystem.
Due to a failure, a local user without privileges can write arbitrary data into the kernel memory cache for files that are read-only. This mechanism opens the path to launching malicious code with root privileges.
www.securitylab.ru
A dangerous vulnerability in Linux called Fragnasia has been discovered, which allows an ordinary user to gain full control over the system.
The problem affects the Linux kernel and has already received the identifier CVE-2026-46300. Distributor developers have begun releasing security updates.
— The vulnerability is related to an error in the XFRM ESP-in-TCP subsystem.
Due to a failure, a local user without privileges can write arbitrary data into the kernel memory cache for files that are read-only. This mechanism opens the path to launching malicious code with root privileges.
От «обычного пользователя» до root. Новая уязвимость в Linux не требует ни хакерского опыта, ни удачи
Единственный способ защититься от Fragnasia пока что только ломает инфраструктуру.
www.securitylab.ru