top of page
ALL POSTS
CISA Adds Actively Exploited Vulnerabilities to KEV Catalog
Key Findings CISA added two actively exploited vulnerabilities to the Known Exploited Vulnerabilities catalog requiring immediate remediation CVE-2022-0492 affects Linux Kernel with CVSS 7.8, enabling privilege escalation and container escape attacks CVE-2025-48595 targets Android 14 and later with CVSS 8.4, allowing arbitrary code execution with elevated privileges Federal agencies must patch both vulnerabilities by June 5, 2026 under Binding Operational Directive 22-01 Both
Jun 32 min read
New Fragnesia Linux Kernel LPE Vulnerability Grants Root Access Through Page Cache Corruption
Key Findings CVE-2026-46300 (Fragnesia) is a new Linux kernel LPE vulnerability with CVSS score 7.8 that grants unprivileged attackers root access via page cache corruption The flaw exists in the XFRM ESP-in-TCP subsystem and was discovered by William Bowling of the V12 security team Unlike the related Dirty Frag vulnerability, Fragnesia requires no host-level privileges for exploitation This is the third major Linux kernel LPE discovered in two weeks, following Copy Fail and
May 143 min read
Copy Fail: New Linux Bug Enables Root Access via Page-Cache Corruption
Key Findings CVE-2026-31431 ("Copy Fail") allows any unprivileged local user to write 4 controlled bytes into the page cache of readable files A 732-byte Python script can modify setuid binaries in memory and escalate privileges to root The vulnerability affects all major Linux distributions (Ubuntu, RHEL, SUSE, Amazon Linux) with kernels built between 2017 and the patch date Exploits are race-free, stealthy, and can cross container boundaries due to shared page cache CVSS sc
May 13 min read
bottom of page
