CVE-2026-43503 (DirtyClone) and CVE-2026-46331 (pedit COW) — Linux kernel LPE with public weaponised PoCs
notable vulnerability discovered 2026-06-29 00:21 UTC
Part of run 2026-W26-b78503e7 (weekly · Anthropic Claude (specific model not determined))
Two page-cache-corruption local-privilege-escalation flaws drew working exploits within the window. JFrog published a full DirtyClone walkthrough (XFRM/IPsec skb cloning) on 06-25; a companion tc act_pedit out-of-bounds write (pedit COW) gained a weaponised PoC within a day of assignment. Both are post-auth root escalation on patched-but-unrebooted hosts — prioritise kernel updates on multi-tenant and internet-exposed Linux where an initial foothold is plausible.
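One way to find the patched-but-unrebooted hosts mentioned above, as an added example that is not part of the original brief. It assumes kernel packages install a module tree under `/lib/modules/<release>` and that a higher release string means a newer build; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: flag a host whose running kernel is older than the newest
# kernel installed on disk (package updated, host not yet rebooted).
# Assumptions: one directory per installed release under /lib/modules, and
# release strings that order correctly with GNU `sort -V`. Live patching is
# not detected, because it leaves `uname -r` unchanged.

# Print the highest kernel release that has a module tree under $1.
newest_installed_kernel() {
    moddir=${1:-/lib/modules}
    for d in "$moddir"/*/; do
        [ -d "$d" ] || continue      # skip the unexpanded glob in an empty dir
        basename "$d"
    done | sort -V | tail -n 1
}

# reboot_pending RUNNING_RELEASE [MODULE_DIR]
# Returns 0 if a newer kernel is installed than the one running,
#         1 if the running kernel is the newest installed,
#         2 if no installed kernel could be found.
reboot_pending() {
    running=$1
    newest=$(newest_installed_kernel "${2:-/lib/modules}")
    [ -n "$newest" ] || return 2
    [ "$running" = "$newest" ] && return 1
    # Pending only when the running release sorts strictly below the newest.
    top=$(printf '%s\n%s\n' "$running" "$newest" | sort -V | tail -n 1)
    [ "$top" = "$newest" ]
}

# Stand-alone use: sh script.sh --check
if [ "${1:-}" = "--check" ]; then
    if reboot_pending "$(uname -r)" /lib/modules; then
        echo "REBOOT PENDING: running $(uname -r), installed $(newest_installed_kernel /lib/modules)"
    else
        echo "running kernel $(uname -r) is the newest installed"
    fi
fi
```

A pending result only shows that a newer kernel is on disk; whether that build carries the fixes for these CVEs still has to be confirmed against the distribution's advisory.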