Tailwind White Logo

Security Advisory

Linux Kernel "Dirty Frag" Local Privilege Escalation

A detailed security advisory from Tailwind Resource Group on CVE-2026-43284 (IPsec ESP) and CVE-2026-43500 (RxRPC) — a two-CVE chain in the same architectural bug class as Copy Fail.

  • Critical Security Insights

    Why your existing Copy Fail mitigation does not cover Dirty Frag, and what the multi-tenant Kubernetes blast radius actually looks like.

  • Patch-Window Mitigation

    Modprobe-deny for esp4, esp6, and rxrpc until your distro ships a fixed kernel. Carve-outs documented for IPsec and AFS hosts.

  • Expert Analysis

    Three CVEs in the in-place decryption bug class in nine days. CISA KEV trajectory, BOD 22-01 math, and detection signals worth instrumenting now.

TAILWIND

Resource Group

Security Advisory

Linux Kernel "Dirty Frag" Local Privilege Escalation

CVE-2026-43284 CVE-2026-43500

Mitigation Steps

Tailwind Resource Group · May 2026

Get the Full Advisory

Sign up to receive the full PDF report.

We respect your privacy. Requests are reviewed manually; we'll email you the advisory once approved.