Signal

Two new Linux kernel local privilege escalation flaws with public exploits emerge

Evidence first: scan the strongest sources, then decide whether to go deeper.

Published 2026-06-26 11:51 UTCUpdated 2026-06-26 23:50 UTC

rss

cveexploitlinuxlocal_privilege_escalationsecurity_advisory

Trend in the last 24h

Source links open

Source links and full evidence are open here. Archive history, compare-over-time, alerts, exports, API, integrations, and workflow are paid.

Back Evidence (3)Get the free brief by email Start free trial

No card needed for the free brief.

Evidence trail (top sources)

top sources (2 domains)

2 top sources shown

2 Linux kernel flaw PoCs published, enabling local privilege escalation

SC Media · News · scworld.com · 2026-06-26 23:50 UTC

New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries

thehackernews · News · thehackernews.com · 2026-06-26 13:00 UTC

limited source diversity in top sources

View all evidence

Overview

In June 2026, two critical Linux kernel vulnerabilities were publicly disclosed, each enabling local privilege escalation to root. DirtyClone, a variant of the DirtyFrag vulnerability class, allows attackers to corrupt file-backed memory via cloned network packets. The pedit COW flaw involves an out-of-bounds write in the packet-editing subsystem that poisons shared page-cache memory. Both vulnerabilities have working public exploits, underscoring the need for immediate patching to prevent system compromise.

Score total

1.1

Momentum 24h

Posts

Origins

Source types

Duplicate ratio

Why now

Public proof-of-concept exploits have been released, demonstrating active exploitation risk.
Patches have recently been issued, making timely updates critical.
The vulnerabilities affect core Linux kernel components used in many environments.

Why it matters

Local privilege escalation flaws can allow attackers to gain root access, compromising system security.
Public exploits increase the urgency for patching vulnerable Linux systems.
Linux kernel vulnerabilities affect a wide range of devices and servers globally.

LLM analysis

Topic mix: lowPromo risk: lowSource quality: medium

Recurring claims

DirtyClone (CVE-2026-43503) is a Linux kernel local privilege escalation flaw allowing root via cloned network packets.
Pedit COW (CVE-2026-46331) is a Linux kernel flaw enabling root access by corrupting shared page-cache memory through packet editing.

How sources frame it

The Hacker News: neutral
SC Media: neutral

This briefing highlights two critical Linux kernel vulnerabilities with public exploits, emphasizing the importance of timely patching.

All evidence

2 Linux kernel flaw PoCs published, enabling local privilege escalation

SC Media · scworld.com · 2026-06-26 23:50 UTC

New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries

thehackernews · thehackernews.com · 2026-06-26 13:00 UTC

Show filters & breakdown

Posts loaded: 0Publishers: 2Origin domains: 2Duplicates: -

Platform

Publisher

Origin domain

Relevance tier

Duplicates only

Showing 2 / 0

Top publishers (this list)

SC Media (1)
thehackernews (1)

Top origin domains (this list)

scworld.com (1)
thehackernews.com (1)