# Advisory on CVE-2026-43284

On May 7, 2026, security researchers disclosed a local privilege escalation vulnerability in the Linux kernel.

The vulnerability, referred to as **Dirty Frag**, allows an unprivileged local user to escalate privileges to root on affected Linux systems. It exploits a chain of two separate kernel vulnerabilities in the `xfrm-ESP` and Rx Remote Procedure Call protocol (RxRPC) subsystems. The exploit is reliable and deterministic, does not rely on race conditions, and publicly available Proof Of Concept (PoC) code exists. Importantly, systems patched for the related “Copy Fail” vulnerability [<mark style="color:blue;">CVE-2026-31431</mark>](/cloud/security-safeguards/vulnerability-register/2026/cve-2026-31431.md) are still vulnerable to Dirty Frag.

The CVE ID **CVE-2026-43284** and **CVE-2026-43500** are assigned to this vulnerability and classified as **High** severity with a CVSS score of **8.8** by the Linux kernel CVE team.

## Impacted IONOS CLOUD products

| Product Ranges | Product                                                                                                                      | Impacted | Mitigated      | Patch Status   |
| -------------- | ---------------------------------------------------------------------------------------------------------------------------- | -------- | -------------- | -------------- |
| Compute        | [<mark style="color:blue;">Compute Engine (vCPU)</mark>](/cloud/compute-services/compute-engine/vcpu-server.md)              | Yes      | Yes            | In Progress    |
| Compute        | [<mark style="color:blue;">Compute Engine (Dedicated Core)</mark>](/cloud/compute-services/compute-engine/dedicated-core.md) | Yes      | Yes            | In Progress    |
| Container      | [<mark style="color:blue;">Managed Kubernetes</mark>](/cloud/containers/managed-kubernetes.md)                               | Yes      | In Progress    | In Progress    |
| Storage        | [<mark style="color:blue;">Block Storage</mark>](/cloud/backup-and-storage/block-storage.md) (HDD or SSD)                    | No       | Not Applicable | Not Applicable |
| Storage        | [<mark style="color:blue;">IONOS CLOUD Object Storage</mark>](/cloud/backup-and-storage/ionos-object-storage.md)             | Yes      | In Progress    | In Progress    |

## Risk on IONOS CLOUD user environment

Users running Linux-based virtual machines on <code class="expression">space.vars.ionos\_cloud</code> infrastructure must assess whether their guest operating systems are running vulnerable kernel versions. A local user on an affected guest system may be able to escalate privileges to root. <code class="expression">space.vars.ionos\_cloud</code> managed services listed as impacted are being actively remediated; there is no known direct exposure to end users from those services at this time.

## What action has IONOS CLOUD taken to mitigate the vulnerability?

<code class="expression">space.vars.ionos\_cloud</code> is aware of this vulnerability and has already initiated the required steps to mitigate it. For Compute Engine infrastructure, a mitigation blocking the affected kernel modules from loading has been applied. For impacted managed services, we are actively applying the required mitigations and monitoring for the availability of upstream kernel patches.

We will provide necessary updates as we learn more.

## What action can you take to mitigate the vulnerability?

If you run Linux-based virtual machines on <code class="expression">space.vars.ionos\_cloud</code>, apply the latest security updates from your Linux distribution vendor as soon as they become available. No patched kernels are currently available from major distributions; monitor your distribution's security advisories closely. Until a kernel patch is available, you can reduce risk by preventing the affected kernel modules (`esp4`, `esp6`, `rxrpc`) from loading on your systems.

## How can I get help?

If you have further questions or concerns about this vulnerability, contact [<mark style="color:blue;">IONOS CLOUD Support</mark>](https://docs.ionos.com/cloud/support/general-information/contact-information).


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.ionos.com/cloud/security-safeguards/vulnerability-register/2026/cve-2026-43284.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.