\n Safety Operations<\/a>\n <\/p>\n Kernel Privilege Escalation Has One Linux Maintainer Considering a ‘Kill Swap’<\/span> Again-to-back kernel vulnerabilities in Linux has defenders scrambling to use defenses within the age of fast turnaround time for hackers to use nascent flaws.<\/p>\n See Additionally:<\/b> How Organizations Are Strengthening Defenses Towards Scattered Spider<\/a><\/p>\n “Soiled Frag” and “Copy Fail” kernel privilege escalation vulnerabilities turned public information inside two weeks of one another (see: ‘Soiled Frag’ Offers Root on Linux Distros<\/i><\/a>).<\/p>\n Microsoft mentioned<\/a> in a Friday weblog that it has discovered restricted in-the-wild exercise related to both one of many vulnerabilities. <\/p>\n One Linux maintainer is floating the potential for integrating a “kill change” characteristic that may enable admins to briefly shut down weak kernel features whereas patches are developed. <\/p>\n “For many customers, the price of ‘this socket household stops working for the day’ is way smaller than the price of operating a recognized weak kernel till the repair land,” Linux secure kernel co-maintainer and Nvidia engineer Sasha Levin wrote in an e mail<\/a>.<\/p>\n The proposal isn’t official and it is solely meant to purchase time between kernel vulnerability discoveries and patch releases.<\/p>\n “As we have seen with the invention of ‘Soiled Frag’ recent on the heels of ‘Copy Fail,’ AI-assisted vulnerability discovery is quickly accelerating the identification of recent vulnerabilities, a pattern that’s solely going to proceed as these fashions proceed to grow to be extra highly effective,” mentioned Scott Caveza, senior workers analysis engineer at Tenable.<\/p>\n Defenders in manufacturing environments are cautious about collateral damages of emergency kernel patching.<\/p>\n “Making use of kernel updates and rebooting throughout enterprise programs requires planning, downtime and threat assessments, leaving system directors on edge for the ‘what if’ eventualities: what occurs if this patch causes unrelated efficiency points?” Caveza mentioned.<\/p>\n “Soiled Frag” impacts Linux distributions together with Ubuntu, Crimson Hat Enterprise Linux, CentOS Stream, AlmaLinux, openSUSE Tumbleweed and Fedora. It chains two vulnerabilities collectively: one impacts modules that present assist for storage for EFI boot loaders and is tracked as CVE-2026-43284<\/a>.<\/p>\n The opposite impacts the RxRPC networking subsystem and was assigned CVE-2026-43500<\/a> on Monday.<\/p>\n “A low-privileged native attacker can abuse zero-copy\/splice mechanisms to deprave privileged recordsdata corresponding to \/usr\/bin\/su or \/and so forth\/passwd and procure root privileges, making the difficulty a part of the identical broader bug class as Soiled Pipe and Copy Fail,” mentioned<\/a> RedHat.<\/p>\n<\/p><\/div>\n\n","protected":false},"excerpt":{"rendered":" Safety Operations Kernel Privilege Escalation Has One Linux Maintainer Considering a ‘Kill Swap’ Tiffany Wang \u2022 Could 12, 2026 \u00a0 \u00a0 Picture: Shutterstock Again-to-back kernel vulnerabilities in Linux has defenders scrambling to use defenses within the age of fast turnaround time for hackers to use nascent flaws. See Additionally: How Organizations Are Strengthening Defenses Towards […]<\/p>\n","protected":false},"author":2,"featured_media":14726,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[9055,776,3102,2026,1077,3796],"class_list":["post-14724","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-defenders","tag-exploit","tag-face","tag-linux","tag-patch","tag-race"],"_links":{"self":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/14724","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=14724"}],"version-history":[{"count":1,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/14724\/revisions"}],"predecessor-version":[{"id":14725,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/14724\/revisions\/14725"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/media\/14726"}],"wp:attachment":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=14724"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=14724"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=14724"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\n
\n Tiffany Wang<\/a> \u2022
\n Could 12, 2026<\/span> \u00a0 \u00a0 <\/span><\/p>\n![\"Linux](\"https:\/\/ismg-cdn.nyc3.cdn.digitaloceanspaces.com\/articles\/linux-defenders-face-patch-exploit-race-image_large-3-a-31669.jpg\")