[CIVN-2026-0240] Linux Kernel XFRM ESP-in-TCP Local Privilege Escalation Vulnerability

Published On: May 19, 2026


Linux Kernel XFRM ESP-in-TCP Local Privilege Escalation Vulnerability


Indian – Computer Emergency Response Team (https://www.cert-in.org.in)


Severity Rating: HIGH


Systems Affected


Ubuntu

Red Hat Enterprise Linux

openSUSE

CentOS Stream

AlmaLinux

Debian

Gentoo

Fedora

Overview


A privilege escalation vulnerability referred to as ‘Fragnesia’ has been reported in the Linux Kernel XFRM ESP-in-TCP subsystem, which could allow a local authenticated attacker to gain root privileges by corrupting the kernel page cache.


Target Audience:

Organizations and individuals using the affected versions of Linux Kernel.


Risk Assessment:

High risk of privilege escalation and complete system compromise.


Impact Assessment:

Potential for unauthorized access to system resources, sensitive data exposure and system compromise.


Description


The Linux kernel is the core component of many operating systems, responsible for managing hardware resources and providing essential system services, including cryptographic operations.


The vulnerability exists due to improper handling of shared page fragments during skb coalescing within the Linux XFRM ESP-in-TCP implementation. An attacker with local access could exploit this flaw to modify read-only file contents stored in kernel memory and subsequently obtain root privileges.


Successful exploitation of this vulnerability could allow a local attacker to gain elevated privileges on the affected system.


Solution


Apply appropriate updates as mentioned by the vendors:

https://ubuntu.com/security/CVE-2026-46300


https://access.redhat.com/security/cve/cve-2026-46300


https://www.suse.com/security/cve/CVE-2026-46300


https://almalinux.org/blog/2026-05-13-fragnesia-cve-2026-46300/


https://security-tracker.debian.org/tracker/CVE-2026-46300


https://bugs.gentoo.org/show_bug.cgi?id=CVE-2026-46300



Vendor Information


AlmaLinux

https://almalinux.org/blog/2026-05-13-fragnesia-cve-2026-46300/


Red Hat

https://access.redhat.com/security/cve/cve-2026-46300


Ubuntu

https://ubuntu.com/security/CVE-2026-46300


Debian

https://security-tracker.debian.org/tracker/CVE-2026-46300


SUSE

https://www.suse.com/security/cve/CVE-2026-46300.html


Gentoo

https://bugs.gentoo.org/show_bug.cgi?id=CVE-2026-46300


References


 

https://almalinux.org/blog/2026-05-13-fragnesia-cve-2026-46300/

https://www.tenable.com/blog/fragnesia-cve-2026-46300-faq-about-new-linux-kernel-xfrm-esp-in-tcp-priv-esc

https://access.redhat.com/security/cve/cve-2026-46300

https://ubuntu.com/security/CVE-2026-46300

https://security-tracker.debian.org/tracker/CVE-2026-46300

https://www.suse.com/security/cve/CVE-2026-46300.html

https://explore.alas.aws.amazon.com/CVE-2026-46300.html

https://bugs.gentoo.org/show_bug.cgi?id=CVE-2026-46300


CVE Name

CVE-2026-46300






Thanks and Regards,

CERT-In


Incident Response Help Desk

e-mail: incident@cert-in.org.in

Phone: +91-11-22902657

Toll Free Number: 1800-11-4949

Toll Free Fax: 1800-11-6969

Web: http://www.cert-in.org.in

PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4

PGP Key information:

https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS


Postal address:

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Government of India

Electronics Niketan

6, C.G.O. Complex

New Delhi-110 003

