container-escape

3 posts

Kernel UAF reachable from user namespace

CVE-2026-29144 Dirty Frag - Linux kernel IP fragment reassembly UAF gives unprivileged users root across major distros. Mechanism, exploitation path, telemetry gaps.

May 12, 2026

Article

User namespaces are still a root pipe

Dirty Frag is a Linux kernel UAF in IP fragment reassembly reachable via unprivileged user namespaces. CVSS 7.8. Mechanism, telemetry gaps, patch boundary.

May 12, 2026

Article

Your patched kernel is still vulnerable

Dirty Frag - CVE-2026-31337, CVSS 7.8 - is a UAF in the Linux kernel's IPv4 fragment reassembly path. Container-to-host root on every major distro.

May 12, 2026