A newly disclosed local privilege escalation (LPE) vulnerability known as Dirty Frag is raising serious concerns across the Linux ecosystem after researchers revealed that the flaw can grant root access to most major Linux distributions. The vulnerability, which currently remains unpatched, has been described as a successor to the previously disclosed Copy Fail flaw tracked as CVE-2026-31431. 

Security researcher Hyunwoo Kim, also known online as @v4bel, publicly disclosed the issue after what he described as a breakdown in the coordinated disclosure and embargo process. The vulnerability was initially reported to Linux kernel maintainers on April 30, 2026, but no official fixes or CVE iden...