Home · Briefs · CTI Weekly Summary — 2026-W20 (May 11 – May 17, 2026)
CVE-2026-46300 — Linux kernel xfrm ESP-in-TCP LPE ("Fragnesia"), PoC public
From CTI Weekly Summary — 2026-W20 (May 11 – May 17, 2026) · published 2026-05-17
Disclosed 2026-05-15 with public PoC; mainline kernel patch landed 2026-05-14, distro propagation underway. LPE primitive against the xfrm ESP-in-TCP code path; trips IPsec VPN endpoints in particular. Mitigation modprobe -r esp4 esp6 (breaks IPsec). Distinct from Dirty Frag (different code paths) but conceptually adjacent — both abuse kernel xfrm assumptions (daily 2026-05-15).