
After Copy Fail, Dirty Frag, and Fragnesia, here comes DirtyDecrypt, another local privilege escalation vulnerability in the kernel, this time with a working proof-of-concept already out in the open.
The flaw was discovered and reported on May 9, 2026 by the Zellic and V12 security team; kernel maintainers then told them it was a duplicate of something already fixed upstream. No CVE was assigned directly to their report, but the National Vulnerability Database includes a link to the DirtyDecrypt PoC in the record for CVE-2026-31635 (CVSS 7.5), which makes the connection clear enough. The exploit code is publicly available on GitHub.
“DirtyDecrypt, also known as DirtyCBC, is a variant of CopyFail / DirtyFrag / Fragnesia. We found and reported this on May 9, 2026, but were informed it was a duplicate by the maintainers. We’re releasing it now since it’s patched on mainline,” reads the PoC description. “It’s a rxgk pagecache write due to missing COW guard in rxgk_decrypt_skb. See poc.c for more details.”
The vulnerability resides in the function rxgk_decrypt_skb(), which is responsible for decrypting incoming socket buffers in the rxgk subsystem. The core issue is a missing copy-on-write (COW) guard, the mechanism the kernel uses to ensure that a write to a shared page goes to a private copy rather than bleeding into other processes’ data.
“The specific fault sits in rxgk_decrypt_skb(), the function that decrypts an incoming sk_buff (socket buffer) on the receive side. In this code path the kernel handles memory pages that are partly shared with the page cache of other processes — a normal Linux optimisation protected by copy-on-write: as soon as a write to a shared page happens, a private copy is made beforehand so that the write doesn’t bleed into another process’s data. In rxgk_decrypt_skb() that guard is missing,” reads the analysis published by Moselwal. “A decryption write goes directly to a shared page-cache page, and the write lands in memory that belongs to another, privileged process, or, depending on the exploit path, in the page cache of a privileged file (e.g. /etc/shadow, /etc/sudoers or a SUID binary).”
Without that guard in place, an attacker can write data into the memory of privileged processes or directly into the page cache of sensitive files (think /etc/shadow, /etc/sudoers, or a SUID binary), ultimately achieving root privileges.
DirtyDecrypt does not hit every Linux system. The vulnerability only impacts distributions that compile the kernel with CONFIG_RXGK enabled, which includes Fedora, Arch Linux, and openSUSE Tumbleweed. Standard Ubuntu or Debian installs are not affected. There is one scenario worth flagging separately though: in containerized environments, a vulnerable worker node could provide a path to escape the pod, turning a local privilege escalation into something considerably more impactful in a Kubernetes context.
DirtyDecrypt does not stand alone. Zellic considers it a variant of a cluster of related vulnerabilities that have surfaced over the past few weeks, all sharing the same underlying class of page cache write primitive.
Copy Fail (CVE-2026-31431) came first, disclosed on April 29 by researchers at Theori, a local privilege escalation in the AF_ALG cryptographic socket interface. A week later came Dirty Frag (CVE-2026-43284 and CVE-2026-43500), which extends Copy Fail with two separate page cache write primitives. The disclosure of Dirty Frag had an unusually messy path: researcher Hyunwoo Kim was bound by an agreed embargo, but a patch for CVE-2026-43284 was merged into the public tree on May 5, and another researcher, unaware of the embargo, analyzed the commit and published details independently, collapsing the timeline. Fragnesia (CVE-2026-46300) rounds out the family, bringing the same attack class to the XFRM ESP-in-TCP subsystem.
DirtyDecrypt is arriving in an already crowded few weeks for Linux security. Two other notable flaws deserve attention.
Pack2TheRoot (CVE-2026-41651, CVSS 8.8) is a local privilege escalation in the PackageKit daemon, used for package management across several distributions. And then there is ssh-keysign-pwn (CVE-2026-46333, CVSS 5.5), an improper privilege management flaw in the kernel that lets an unprivileged local user read root-owned secrets, including SSH private keys. It is not remotely exploitable on its own, but in multi-user environments or partially compromised systems it is exactly the kind of primitive that completes an attack chain.
Patches and advisories for CVE-2026-46333 are already available from the major distributions: AlmaLinux, Amazon Linux, CloudLinux, Fedora, Gentoo, Red Hat, SUSE, and Ubuntu.
The message for anyone managing exposed Linux systems is straightforward: check whether CONFIG_RXGK is enabled in your kernel configuration, apply available updates, and do not wait too long. Working PoC code is already public, and the gap between publication and active exploitation tends to close faster than patch deployment cycles allow.
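The CONFIG_RXGK check recommended here, and the exposure condition stated earlier (only kernels built with CONFIG_RXGK carry the affected code path), as an added example that is not part of the original article, the researchers' PoC, or any distribution's tooling: a POSIX shell script that reads the running kernel's configuration from /proc/config.gz or /boot/config-$(uname -r), or from any config file passed as an argument, and reports whether rxgk was built in (=y), built as a module (=m), or left out. The function names are my own; the config locations are the conventional Linux ones, and the sample config lines used for testing are constructed.

```shell
#!/bin/sh
# Added example, not from the article: report whether a kernel config
# enables CONFIG_RXGK, the build option that compiles in the rxgk code
# path where rxgk_decrypt_skb() lives.
#
# Usage: rxgk_check.sh              # inspect the running kernel
#        rxgk_check.sh <config>     # inspect a given config file (.gz ok)
# Exit status of the running-kernel check: 0 = RXGK enabled (y or m),
# 1 = not set, 2 = no kernel config could be found.

# Print "y", "m" or "n" for CONFIG_RXGK, reading config text from stdin.
# "# CONFIG_RXGK is not set" and a missing line both count as "n".
rxgk_value_from_stdin() {
    value=$(grep -E '^CONFIG_RXGK=' | head -n1 | cut -d= -f2)
    case "$value" in
        y|m) printf '%s\n' "$value" ;;
        *)   printf 'n\n' ;;
    esac
}

# Same, for a config file path; transparently handles gzip-compressed
# files such as /proc/config.gz.
rxgk_value_from_file() {
    file=$1
    [ -r "$file" ] || return 2
    case "$file" in
        *.gz) gzip -dc "$file" | rxgk_value_from_stdin ;;
        *)    rxgk_value_from_stdin < "$file" ;;
    esac
}

# Locate the running kernel's config in the usual places and print a
# one-line verdict. Both =y and =m are treated as "enabled": a module
# still ships the affected code, it is just loaded on demand.
rxgk_check_running_kernel() {
    for candidate in /proc/config.gz "/boot/config-$(uname -r)"; do
        [ -r "$candidate" ] || continue
        value=$(rxgk_value_from_file "$candidate")
        case "$value" in
            y) echo "CONFIG_RXGK=y in $candidate: rxgk built in; exposed unless the kernel is patched"; return 0 ;;
            m) echo "CONFIG_RXGK=m in $candidate: rxgk built as a module; exposed unless the kernel is patched"; return 0 ;;
            *) echo "CONFIG_RXGK not set in $candidate: the DirtyDecrypt code path is not compiled in"; return 1 ;;
        esac
    done
    echo "no kernel config found; install your distribution's kernel config package or enable /proc/config.gz" >&2
    return 2
}

# Dispatch only when run with arguments, so the functions can also be
# sourced into another script without triggering the live check.
if [ "$#" -gt 0 ]; then
    case "$1" in
        --running) rxgk_check_running_kernel ;;
        *)         rxgk_value_from_file "$1" ;;
    esac
fi
```

Run it as `sh rxgk_check.sh --running` on each host, or point it at a vendor config file to triage an image before deployment. The script answers only whether the affected code is compiled in; a kernel with CONFIG_RXGK=y that already carries the upstream fix is not vulnerable, so pair the result with your distribution's advisory and kernel package version rather than treating "=y" alone as a finding.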
(SecurityAffairs – hacking, Linux)