## Third Linux Kernel Flaw in Two Weeks: Fragnesia Vulnerability Enables Root Access via XFRM Exploit
Security researchers have disclosed Fragnesia, a new Linux kernel local privilege escalation vulnerability that allows local attackers to gain root access. Tracked as CVE-2026-46300 with a CVSS score of 7.8, the flaw represents the third critical kernel vulnerability identified within a two-week window, raising serious concerns about the security state of Linux distributions worldwide.

The vulnerability is rooted in the Linux kernel's XFRM subsystem, which handles IPsec packet transformation and encryption policy management. Like the earlier Dirty Frag vulnerabilities in this series, Fragnesia exploits page cache corruption mechanisms to escalate privileges from a standard user account to full root control. The pattern of multiple related flaws emerging in rapid succession suggests systemic weaknesses in how the kernel manages memory and cache structures under specific packet processing conditions.

System administrators and security teams face immediate pressure to assess exposure across servers, cloud infrastructure, and embedded systems running affected kernel versions. The high CVSS score and local attack vector make this particularly dangerous in multi-tenant environments, shared hosting platforms, and any system where untrusted local users have access. Patching timelines and kernel version verification should be treated as urgent priorities, especially given that two related vulnerabilities preceded this disclosure within the same short timeframe.
---
- **Source**: The Hacker News Echo RSS
- **Sector**: The Lab
- **Tags**: linux-kernel, cve-2026-46300, fragnesia, privilege-escalation, xfrm
- **Credibility**: unverified
- **Published**: 2026-05-16 04:48:26
- **ID**: 83730
- **URL**: https://whisperx.ai/en/intel/83730