Follow ZDNET: Add us as a preferred source on Google.

ZDNET's key takeaways

• Another bad Linux kernel bug has appeared.
• Fragnesia can give unauthorized users root powers.
• More open-source security bugs are likely coming.

According to Linus's law, "Given enough eyeballs, all bugs are shallow," is fundamental to open source. 

Unfortunately, thanks to AI bug-finding tools, such as Claude Mythos and OpenAI Daybreak, behind most of those eyeballs are AI engines, and they're proving to be much faster at finding security problems than human ones. 

Also: Linux is getting a security wake-up call - why it was inevitable and I'm not worried

So it is the latest serious Linux kernel vulnerability, Fragnesia, has emerged. It's the third serious local root flaw in the last two weeks.

Fragnesia yields root on all major distributions

Following in the footsteps of Copy Fail and Dirty Frag, this page-cache corruption bug gives unprivileged users a reliable path to full root control on affected systems. And what are those systems, you ask? According to AlmaLinux, Fragnesia immediately yields root on all major distributions. So, essentially, all Linux distros can be targeted and successfully hacked. Are we having fun yet or what?

Also: Dirty Frag is a new Linux bug putting your system at risk - and there's no easy fix yet

The bug was disclosed this week by the AI security company Zellic, with William Bowling and other researchers using the company's AI-agentic software auditing tool, V12. It works by abusing a logic bug in the Linux XFRM (short for "transform") ESP-in-TCP subsystem to write arbitrary bytes into the kernel page cache of read-only files, without requiring any race condition. 

This opens the door to local privilege escalation and potential container escapes in multi-tenant environments.

Unlike classic race-condition exploits, these vulnerabilities allow attackers to precisely corrupt file-backed pages without timing tricks, making attacks more reliable and easier to weaponize once proof-of-concept code is available.

A proof-of-concept exploit exists

Speaking of which, there already exists a proof-of-concept exploit. It builds a 256-entry lookup table that maps all possible keystream bytes to their corresponding nonces. The attack then copies a malicious payload, which overwrites the first 192 bytes of the switch user command in the page cache with a small ELF stub that calls setresuid and calls a shell. 

In other words, for those of you who aren't Linux experts, it will immediately drop the attacker into a root shell.

This is bad, bad news. It means a local user could gain superuser (root) privileges. Red Hat gives it a Common Vulnerability Scoring System (CVSS) score of 7.8, which makes it a high-level security bug.

Also: Anthropic's Mythos is evolving faster than expected, reports AI safety agency

Just as bad, while Fragnesia is technically a local privilege-escalation bug, its impact scales dramatically in modern cloud architectures that run large numbers of untrusted containers on shared Linux kernels. 

Here, if an attacker can run code in a container or a restricted user account but still create namespaces and network stacks, that person could break out to full root on the host and, from there, attack other users' virtual machines (VMs) or containers.

How to mitigate Fragnesia

Kernel developers and distribution maintainers are now working to harden the ESP-in-TCP code path, with proposed fixes focusing on eliminating in-place transformations on shared, file-backed pages and tightening fragment handling. An upstream patch to fix Fragnesia is available now. But it's not currently shipping in any distro as of May 13.

Also: Immutable Linux delivers serious security - here are your 5 best options

In the meantime, you can mitigate it by running the following command as root:

# rmmod esp4 esp6 rxrpc

# printf 'install esp4 /bin/false\ninstall esp6 /bin/false\ninstall rxrpc /bin/false\n' > /etc/modprobe.d/fragnesia.conf

However, if you do so, you'll also knock out IPsec, which means your Linux virtual private networks (VPNs) won't work. Happy, happy, joy, joy.

You can, instead, according to Red Hat, run the following command as root:

# echo "user.max_user_namespaces=0" > /etc/sysctl.d/dirtyfrag.conf sysctl --system

Here, however, there's another problem: It disables unprivileged user namespaces, which may also affect rootless containers, sandboxed browsers, and Flatpak. 

Also: Nearly half of cybersecurity pros want to quit - here's why

It's always something!

Wait for your distro to deliver a patch

You might be better off just waiting for your distro to deliver a patch. I know most major distros are already beta-testing the patch, and I wouldn't be surprised if patched Linux kernels are available by May 14. Come that day, you should patch your systems ASAP.

Why is this happening? 

I'll be going into more detail later, but for now, suffice it to say that Chris Wright, Red Hat's CTO, and I spoke about this very issue earlier today, and it boils down to our AI fault detectors being much better than they were even a few weeks ago at finding real bugs. 

That means:

1. We can expect to see many more such security holes being discovered in the next few months.
2. We're going to need to get a lot faster at fixing bugs as they appear.

Also: Apple, Google, and Microsoft join Anthropic's Project Glasswing to defend world's most critical software

This, by the way, isn't just a problem for Linux. It's troublesome for all open-source software, and as AI gets better at reverse-engineering binary code, Windows and other proprietary software developers will need to upgrade their repair skills as well.