Summary
A new Linux kernel vulnerability known as DirtyDecrypt (CVE-2026-31635) allows local attackers to gain root privileges by exploiting a missing copy-on-write guard in the RxGK subsystem. The flaw primarily affects bleeding-edge distributions like Fedora and Arch Linux, and a public exploit is now available.
Take Action:
If you're running Linux systems with kernels compiled with CONFIG_RXGK enabled (mainly Fedora, Arch, or openSUSE Tumbleweed), update your kernel ASAP, since a working exploit is publicly available. If you can't patch, apply the temporary modprobe workaround to disable the vulnerable RxRPC and ESP modules, but test it first as it will break IPsec VPNs and AFS file systems.
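To check whether a host meets the exposure condition above, the script below reads the running kernel's build config for CONFIG_RXGK and lists which of the modules named in the workaround are loaded. It is an added example, not code from the original article. The config file locations and the module names `rxrpc`, `esp4` and `esp6` are assumptions about what "the RxRPC and ESP modules" refers to.

```shell
#!/bin/sh
# Added example: triage a host for the exposure condition described above.
# Assumptions (not from the article): the config file locations below, and
# rxrpc/esp4/esp6 as the module names behind "the RxRPC and ESP modules".

# Print the running kernel's build config from the first readable source.
kernel_config() {
    rel=$(uname -r)
    if [ -r /proc/config.gz ]; then
        gzip -dc /proc/config.gz
    elif [ -r "/boot/config-$rel" ]; then
        cat "/boot/config-$rel"
    elif [ -r "/lib/modules/$rel/config" ]; then
        cat "/lib/modules/$rel/config"
    else
        return 1
    fi
}

# Read kernel config text on stdin; print "enabled" or "disabled".
# A "# CONFIG_RXGK is not set" line or a missing symbol counts as disabled.
rxgk_state() {
    awk -F= '
        $1 == "CONFIG_RXGK" { v = $2 }
        END { if (v == "y" || v == "m") print "enabled"; else print "disabled" }'
}

# Read /proc/modules-format text on stdin; print the loaded modules of
# interest, sorted, on one space-separated line (empty if none are loaded).
loaded_affected_modules() {
    awk '$1 == "rxrpc" || $1 == "esp4" || $1 == "esp6" { print $1 }' |
        sort | paste -sd' ' -
}

main() {
    if cfg=$(kernel_config); then
        echo "CONFIG_RXGK: $(printf '%s\n' "$cfg" | rxgk_state)"
    else
        echo "CONFIG_RXGK: unknown (no readable kernel config found)"
    fi
    if [ -r /proc/modules ]; then
        echo "loaded modules: $(loaded_affected_modules < /proc/modules)"
    fi
}

main
```

A host that reports `enabled` should be prioritized for the kernel update. The loaded-module list shows which services (IPsec, AFS) are in use and would be interrupted by the temporary workaround.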
This article was originally published on BeyondMachines