Provider
LinodeIncident detail
[Fragnesia] Linux Privilege Escalation Vulnerability
[Fragnesia] Linux Privilege Escalation Vulnerability
Timeline window
to
Timeline
Incident updates
Updates are normalized from the official source chronology so timeline changes remain easy to scan.
Investigating
Akamai is aware of the recently disclosed “Fragnesia”[1] vulnerability, following the “DirtyFrag”[2] and “CopyFail”[3] disclosures. This vulnerability is very similar in nature and has a similar impact, exploit path, and mitigation approach. We have not observed any related malicious exploits targeting our infrastructure and are continuing to address the vulnerability across our product portfolio and internal systems. As with “CopyFail” and “DirtyFrag”, we are advising customers to consider most Linux distributions to be at-risk until patched. Since the “Fragnesia” vulnerability was disclosed prior to upstream patches having been made available, we are forced to wait for the different OS providers to create new releases or patches before we can integrate them into the versions we make available to customers. As this is a rapidly developing incident, we will provide further information regarding recommended actions, possible mitigations, and OS updates for all customers who may be affected. [1] https://github.com/v12-security/pocs/tree/main/fragnesia [2] https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md [3] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/
Investigating
We are responding to the publication of the most recent variation of the CopyFail[1] adjacent vulnerabilities “DirtyFrag” and “Fragnesia” with additional updates while we wait for upstream OS providers to release patches. Please see our detailed advisory[2] for more information on the current status, possible mitigation mechanisms, and our recommended actions. We will provide another update when more OS images have been updated and/or additional attack vectors are discovered. [1] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/ [2] https://www.linode.com/docs/guides/dirty-frag-mitigation/
Investigating
We are responding to the publication of the most recent variation of the CopyFail[1] adjacent vulnerabilities “DirtyFrag” and “Fragnesia” with additional updates while we wait for upstream OS providers to release patches. Please see our detailed advisory[2] for more information on the current status, possible mitigation mechanisms, and our recommended actions. We will provide another update when more OS images have been updated and/or additional attack vectors are discovered. [1] https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/ [2] https://www.linode.com/docs/guides/dirty-frag-mitigation/
Resolved
We have completed our investigation and response to the "DirtyFrag" (CVE-2026-43500, CVE-2026-43284) and "Fragnesia" (CVE-2026-46300) vulnerabilities. We have published documentation articles with detailed guidance on available mitigations and recommended actions for affected systems. Customers can find more information and step-by-step instructions here: https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/ https://www.linode.com/docs/guides/dirty-frag-mitigation/ We encourage all customers to review the article and apply the appropriate mitigations to their environments. If you have questions or need assistance, please contact us at 855-454-6633 (+1-609-380-7100 Intl.) or email support@linode.com for assistance.