Use Reddit? Come join our Reddit Sub as another place to follow the community!
We use affiliate links to earn us some pennies. Learn more.

Linux security flaws Dirty Frag and Copy Fail are a good reminder to stay up to date

By -
4 comments

Last updated: 8 May 2026 at 8:46 am UTC

Have you run your Linux distribution updates recently? You probably should, because Dirty Frag and Copy Fail are coming for you. Two major Local Privilege Escalation (LPE) security issues have been revealed in a short time, which is not ideal.

For Copy Fail that was revealed at the end of April the website notes it simply enough for you "An unprivileged local user can write 4 controlled bytes into the page cache of any readable file on a Linux system, and use that to gain root" - pretty bad. There's thankfully some patches rolling out across different distributions for it.

And now we also have Dirty Frag, which has been fully revealed early due to an embargo being broken and so Linux distribution developers will need to scramble to get patches ready for it. The impact is very similar to Copy Fail, enabling an attacker to gain root access to your system to do whatever they feel like.

However, a quick workaround (taken from the Dirty Frag disclosure) can be done as noted to protected yourself via terminal:

sh -c "printf 'install esp4 /bin/false\ninstall esp6 /bin/false\ninstall rxrpc /bin/false\n' > /etc/modprobe.d/dirtyfrag.conf; rmmod esp4 esp6 rxrpc 2>/dev/null; echo 3 > /proc/sys/vm/drop_caches; true"

This is a special case, because no current patches exist. It should be fine to run on any distribution.

Keep a close eye on updates coming in over the next week, you're going to need them.

Article taken from GamingOnLinux.com.
Tags: Security, Distro News, Kernel, Misc, Open Source
4 Likes
About the author -
author picture
I am the owner of GamingOnLinux. After discovering Linux back in the days of Mandrake in 2003, I constantly checked on the progress of Linux until Ubuntu appeared on the scene and it helped me to really love it. You can reach me easily by emailing GamingOnLinux directly. You can follow me personally on Mastodon [External Link].
See more from me
Some you may have missed, popular articles from the last month:
SteamVR Beta brings a number of fixes for Linux gamers
Valve dev fixes up VRAM management on AMD GPUs to improve performance
DRAGON BALL XENOVERSE 3 gets formally announced
Canonical developer lays out some AI plans for Ubuntu Linux
All posts need to follow our rules. Please hit the Report Flag icon on any post that breaks the rules or contains illegal / harmful content. Readers can also email us for any issues or concerns.
4 comments

Maki 3 hours ago
Note that both vulnerabilities are for a local user to gain root access.

They're being blown up out of proportion, if you ask me. And I'm not happy at all about the tools used to find them or the methods to reveal them before a patch could be written and distributed.
PlayingOnLinuxphone 3 hours ago
User Avatar
From the [issues](https://github.com/V4bel/dirtyfrag/issues) it seems Debian 12 is not affected, 13 and 14 are. I cannot say how trustworthy. The one-line-command also deletes the compromised cache, so infected systems should be clean after that command (if no malware got installed) if I understand it correctly. After this command it is still required to update once your distro delivers a patch. It seems the disclosure went wrong and got published too early, so distros may take a bit longer to deliver a patch than usual.
Eike 3 hours ago
  • Supporter Plus
Quoting: MakiNote that both vulnerabilities are for a local user to gain root access.
Isn't that what privilege escalation is all about?
You got to local user, then you enhance your rights and become root.
I mean, it's not like "local user" means someone has to sit at your keyboard...

Last edited by Eike on 8 May 2026 at 9:34 am UTC
Ehvis 12 minutes ago
User Avatar
  • Supporter Plus
Quoting: Eike
Quoting: MakiNote that both vulnerabilities are for a local user to gain root access.
Isn't that what privilege escalation is all about?
You got to local user, then you enhance your rights and become root.
I mean, it's not like "local user" means someone has to sit at your keyboard...
No, but someone still needs to have a local user account. So this is a big problem for multi-user systems. But I imagine most of us operate their home machine for themselves only, so for most of "us" it's not immediately exploitable.
While you're here, please consider supporting GamingOnLinux on:

Reward Tiers: Patreon Logo Patreon. Plain Donations: PayPal Logo PayPal.

This ensures all of our main content remains totally free for everyone! Patreon supporters can also remove all adverts and sponsors! Supporting us helps bring good, fresh content. Without your continued support, we simply could not continue!

You can find even more ways to support us on this dedicated page any time. If you already are, thank you!
Login / Register
Register Forgot Login?
★ Support Us
Popular this week
Search or view by category
Contact
Latest Guides
MorrowindHow to setup OpenMW for modern Morrowind on Linux / SteamOS and Steam Deck
By Liam Dawe,
11
Hollow Knight: SilksongHow to install Hollow Knight: Silksong mods on Linux, SteamOS and Steam Deck
By Liam Dawe,
1
> View more Tips & Guides
Recently Updated
Buy Games
Buy games with our affiliate / partner links:
Latest Forum Posts
Misc