
"Fragnesia yields root on all major distributions. Following in the footsteps of Copy Fail and Dirty Frag, this page-cache corruption bug gives unprivileged users a reliable path to full root control on affected systems. And what are those systems, you ask? According to AlmaLinux, Fragnesia immediately yields root on all major distributions. So, essentially, all Linux distros can be targeted and successfully hacked. Are we having fun yet or what?"
"The bug was disclosed this week by the AI security company Zellic, with William Bowling and other researchers using the company's AI-agentic software auditing tool, V12. It works by abusing a logic bug in the Linux XFRM (short for "transform") ESP-in-TCP subsystem to write arbitrary bytes into the kernel page cache of read-only files, without requiring any race condition. This opens the door to local privilege escalation and potential container escapes in multi-tenant environments."
"Unlike classic race-condition exploits, these vulnerabilities allow attackers to precisely corrupt file-backed pages without timing tricks, making attacks more reliable and easier to weaponize once proof-of-concept code is available. Speaking of which, there already exists a proof-of-concept exploit. It builds a 256-entry lookup table that maps"
Fragnesia is a serious Linux kernel vulnerability that enables unprivileged users to obtain full root control. The flaw is a page-cache corruption issue that follows earlier local root bugs such as Copy Fail and Dirty Frag. It affects major Linux distributions, meaning many systems can be targeted. The vulnerability abuses a logic bug in the Linux XFRM ESP-in-TCP subsystem to write arbitrary bytes into the kernel page cache of read-only files without needing a race condition. This can lead to local privilege escalation and potential container escapes in multi-tenant environments. A proof-of-concept exploit already exists, which increases the likelihood of rapid weaponization.
#linux-kernel #local-privilege-escalation #security-vulnerabilities #open-source-security #ai-vulnerability-discovery
Read at ZDNET