The third major Linux kernel flaw in two weeks has been found - thanks to AI

2026-05-14 · Source: News and Advice on the World's Latest Innovations | ZDNET · Field: Technology & Digital — Cybersecurity & Data Privacy, Software Development & Engineering, Artificial Intelligence & Machine Learning · Depth: Intermediate, short

Summary

A critical Linux kernel vulnerability, dubbed "Fragnesia" (CVE-2026-46300), has been disclosed, allowing unprivileged users to gain full root control on all major Linux distributions. This page-cache corruption bug, discovered by AI security company Zellic using its V12 AI-agentic software auditing tool, abuses a logic flaw in the Linux XFRM ESP-in-TCP subsystem. Unlike traditional race-condition exploits, Fragnesia enables precise corruption of file-backed pages without timing tricks, making it highly reliable. A proof-of-concept exploit already exists, capable of immediately dropping an attacker into a root shell. Red Hat assigns it a CVSS score of 7.8, indicating a high-level security risk. Its impact is particularly severe in cloud environments, potentially leading to container escapes and host compromise.

Key takeaway

For CTOs and VP of Engineering overseeing Linux-based infrastructure, the emergence of AI-discovered vulnerabilities like Fragnesia necessitates immediate patching. While temporary mitigations exist, they often disable critical network or container functionalities. Prioritize applying official distribution patches as soon as they become available, expected around May 14, to prevent local privilege escalation and potential container escapes in multi-tenant cloud environments.

Key insights

AI-driven tools are accelerating the discovery of critical open-source security vulnerabilities like Fragnesia.

Principles

• AI tools enhance bug detection speed.
• Reliable exploits bypass race conditions.

Method

The Fragnesia exploit builds a 256-entry lookup table mapping keystream bytes to nonces, then overwrites the first 192 bytes of the switch user command in the page cache with an ELF stub to call setresuid and a shell.

In practice

• Disable ESP-in-TCP modules (esp4, esp6, rxrpc).
• Disable unprivileged user namespaces via sysctl.

Topics

• Linux Kernel Vulnerability
• Fragnesia
• Local Privilege Escalation
• AI Security Tools
• ESP-in-TCP Subsystem

Best for: CTO, VP of Engineering/Data, Security Engineer, IT Professional, Tech Journalist

Related on AIssential

• Linux is getting a security wake-up call - why it was inevitable and I'm not worried — Linux's increased popularity and AI-driven vulnerability discovery are challenging its long-held security reputation.
• Copy Fail and Dirty Frag: Linux Page-Cache Exploits Target Every Major Distribution — New Linux kernel page-cache vulnerabilities enable unprivileged local users to gain root access across major distributions.
• AI turns patches into working exploits in 30 minutes, and the 90-day disclosure window is the casualty — AI language models accelerate vulnerability discovery and exploit generation, invalidating traditional 90-day disclosure policies.
• The Hacker Sent by Anthropic to Calm the Government’s Nerves About AI Safety — AI models like Anthropic's Mythos can readily exploit critical software vulnerabilities, raising significant cybersecurity concerns.
• AI Weekly Issue #480: Monday Edition : npm compromised by North Korea, Iran targets AI data centers, and nobody wants OpenAI stock — Nation-state actors, AI model deception, and market instability are converging to challenge the AI ecosystem.
• Partnering with Mozilla to improve Firefox’s security — AI models like Claude Opus 4.6 can autonomously find and help fix high-severity software vulnerabilities at accelerated speeds.

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by News and Advice on the World's Latest Innovations | ZDNET.