Vulnerability Assessment – DirtyFrag (CVE-2026-43284, CVE-2026-43500) and CopyFail (CVE-2026-31431)
Two related Linux kernel local privilege escalation vulnerabilities, dubbed “CopyFail” and “DirtyFrag,” were publicly disclosed in early May 2026. These vulnerabilities affect the kernel’s cryptographic and network subsystems, and in an unprotected environment could allow an unauthorized local user to gain root access to a Linux server. A proof-of-concept exploit was published shortly after disclosure.
Our servers have been assessed for these vulnerabilities. Our standard security protocols prevent this type of access. The remote paths used by these exploits do not exist in our environment.
DirtyFrag:
- Wiz Blog – DirtyFrag Linux Privilege Escalation
- Tenable FAQ – DirtyFrag
- Help Net Security – DirtyFrag
CopyFail:
Vulnerability Assessment – DirtyFrag and CopyFail – CompanionLink and DejaCloud Sync was last updated May 11th, 2026 by