Advisory on CVE-2026-43284

On May 7, 2026, security researchers disclosed a local privilege escalation vulnerability in the Linux kernel.

The vulnerability, referred to as Dirty Frag, allows an unprivileged local user to escalate privileges to root on affected Linux systems. It exploits a chain of two separate kernel vulnerabilities in the xfrm-ESP and Rx Remote Procedure Call protocol (RxRPC) subsystems. The exploit is reliable and deterministic, does not rely on race conditions, and publicly available Proof Of Concept (PoC) code exists. Importantly, systems patched for the related “Copy Fail” vulnerability CVE-2026-31431 are still vulnerable to Dirty Frag.

The CVE ID CVE-2026-43284 and CVE-2026-43500 are assigned to this vulnerability and classified as High severity with a CVSS score of 8.8 by the Linux kernel CVE team.

Impacted IONOS CLOUD products

Product Ranges

Product

Impacted

Mitigated

Patch Status

Compute

Compute Engine (vCPU)

Yes

In Progress

Compute

Compute Engine (Dedicated Core)

Yes

In Progress

Container

Managed Kubernetes

Yes

In Progress

Storage

Block Storage (HDD or SSD)

Not Applicable

Storage

IONOS CLOUD Object Storage

Yes

In Progress

Risk on IONOS CLOUD user environment

Users running Linux-based virtual machines on IONOS CLOUD infrastructure must assess whether their guest operating systems are running vulnerable kernel versions. A local user on an affected guest system may be able to escalate privileges to root. IONOS CLOUD managed services listed as impacted are being actively remediated; there is no known direct exposure to end users from those services at this time.

What action has IONOS CLOUD taken to mitigate the vulnerability?

IONOS CLOUD is aware of this vulnerability and has already initiated the required steps to mitigate it. For Compute Engine infrastructure, a mitigation blocking the affected kernel modules from loading has been applied. For impacted managed services, we are actively applying the required mitigations and monitoring for the availability of upstream kernel patches.

We will provide necessary updates as we learn more.

What action can you take to mitigate the vulnerability?

If you run Linux-based virtual machines on IONOS CLOUD, apply the latest security updates from your Linux distribution vendor as soon as they become available. No patched kernels are currently available from major distributions; monitor your distribution's security advisories closely. Until a kernel patch is available, you can reduce risk by preventing the affected kernel modules (esp4, esp6, rxrpc) from loading on your systems.

How can I get help?

If you have further questions or concerns about this vulnerability, contact IONOS CLOUD Support.

PreviousVulnerability Register - 2026 NextAdvisory on CVE-2026-31431

Last updated 12 days ago

Was this helpful?