Fragnesia (CVE-2026-46300) overwrites the Linux page cache via XFRM ESP-in-TCP. The Dirty Frag workaround still applies, but IPsec hosts need to check side effects first.
Dirty Frag is a local privilege escalation that writes to the Linux page cache via ESP-in-UDP and RxRPC receive paths. The algif_aead workaround from Copy Fail doesn't help, and the two attack paths complement each other to bypass Ubuntu's AppArmor restrictions on user namespaces.
CVE-2026-31431 Copy Fail is a Linux kernel local privilege escalation bug that lets an unprivileged user write 4 controlled bytes into the page cache via AF_ALG + algif_aead. On containers and CI runners it turns into host compromise.
