Vulnerability in Linux Kernel Affects Shared skb Fragments
CVE-2026-43284

8.8HIGH

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 8 May 2026

Badges

📈 Trended📈 Score: 13,500👾 Exploit Exists🟡 Public PoC🟣 EPSS 25%📰 News Worthy

What is CVE-2026-43284?

CVE-2026-43284 is a vulnerability found in the Linux kernel, specifically impacting how shared socket buffers (skb) handle data during the encryption and decryption processes in network packets. The flaw arises from the manner in which the xfrm transport layer processes ESP (Encapsulating Security Payload) packets within UDP (User Datagram Protocol). When shared skb fragments are spliced from a pipe, they may be incorrectly marked, allowing for certain operations to modify packet data directly in-place without copying. This poses a risk as it could enable unauthorized decryption of sensitive information, essentially allowing attackers to manipulate data within the packet without proper ownership checks. The potential for exploiting this vulnerability could lead to data leakage and weaken the overall security of systems utilizing the Linux kernel.

Potential impact of CVE-2026-43284

Data Leakage: Due to the improper handling of shared skb fragments, there’s a risk of sensitive information being decrypted and accessed by unauthorized entities, leading to potential data breaches.
Integrity Compromise: Attackers could exploit this vulnerability to modify data in transit, potentially leading to compromised integrity of network communications, affecting the reliability of data transmission across systems.
Increased Attack Surface: The vulnerability expands the attack vectors against systems leveraging the Linux kernel for networking, which could be targeted by malicious actors to disrupt services or gain unauthorized access to resources.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

This is an advertDeploy the Patch

Affected Version(s)

Linux cac2661c53f35cbe651bef9b07026a5a05ab8ce0

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

Dirty-Frag-Kubernetes-PoC
Created by Percivalll

CVE-2026-43284-DirtyFrag-PoC
Created by jayhutajulu1

CVE-2026-43284
Created by LucasPDiniz

News Articles

Zdnet

CVE-2026-43284 CVE-2026-43500

Dirty Frag is a new Linux bug putting your system at risk - and there's no easy fix yet

This Linux kernel vulnerability has defenders scrambling. Here's which systems are affected - and what you should do ASAP.

3 weeks ago

Dark Reading

CVE-2026-43284 CVE-2026-43500

Dirty Frag Exploit Poised to Blow Up on Enterprise Linux Distros

The privilege escalation vulnerability, which is similar to other Linux flaws like Copy Fail and Dirty Pipe, may already be under limited exploitation.

3 weeks ago