{"uuid": "20bf30a0-94fc-4db4-9826-9b58071a0fb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43284", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/cve_2026_43284_dirty_frag.rb", "content": "{\"actions\": [], \"aliases\": [], \"arch\": \"cmd\", \"author\": [\"Hyunwoo Kim\", \"Giovanni Heward\"], \"autofilter_ports\": [], \"autofilter_services\": [], \"check\": true, \"default_credential\": false, \"description\": \"CVE-2026-43284 is a Linux kernel page-cache write vulnerability in the IPsec/xfrm\\n          subsystem affecting ESP (Encapsulating Security Payload) fragmentation. Dubbed\\n          \\\"DirtyFrag\\\", the bug allows a local unprivileged user to gain write access to read-only\\n          page-cache pages by triggering a race condition in how the kernel handles shared fragments\\n          when processing ESP-encapsulated UDP packets. The exploit overwrites a SUID binary on disk\\n          to execute an arbitrary payload as root.\", \"disclosure_date\": \"2026-05-08\", \"fullname\": \"exploit/linux/local/cve_2026_43284_dirty_frag\", \"is_install_path\": true, \"mod_time\": \"2026-05-21 11:49:08 +0000\", \"name\": \"xfrm-ESP Page-Cache Write via CVE-2026-43284\", \"needs_cleanup\": true, \"notes\": {\"Reliability\": [\"repeatable-session\"], \"SideEffects\": [\"artifacts-on-disk\", \"config-changes\"], \"Stability\": [\"crash-os-down\"]}, \"path\": \"/modules/exploits/linux/local/cve_2026_43284_dirty_frag.rb\", \"platform\": \"Linux,Unix\", \"post_auth\": false, \"rank\": 400, \"ref_name\": \"linux/local/cve_2026_43284_dirty_frag\", \"references\": [\"CVE-2026-43284\", \"URL-https://github.com/V4bel/dirtyfrag\"], \"rport\": null, \"session_types\": [\"shell\", \"meterpreter\"], \"targets\": [\"Auto\"], \"type\": \"exploit\"}", "creation_timestamp": "2026-05-21T10:50:23.000000Z"}