Introduction
Two new stable Linux kernel versions—7.0.6 and 6.18.29—have been released by kernel maintainer Greg Kroah-Hartman. These updates are critical, as they include a patch from security researcher Hyunwoo Kim for a second vulnerability tracked as CVE-2026-43500, which is related to the Dirty Frag and Copy Fail 2 issues. All users are strongly advised to upgrade their kernels to ensure system security.
Background: The Dirty Frag and Copy Fail 2 Vulnerabilities
What is Dirty Frag?
The Dirty Frag vulnerability is a memory corruption flaw in the Linux kernel’s handling of fragmented memory regions. It specifically affects the memory management subsystem, where improper validation of page fragments can allow an attacker to overwrite sensitive kernel data. This can lead to privilege escalation, denial of service, or information disclosure.
Understanding Copy Fail 2
Copy Fail 2 is closely related to Dirty Frag and describes a special case where copy-on-write operations fail under certain race conditions. When the kernel attempts to duplicate memory pages during process forking or shared memory operations, a failure in the copy mechanism can leave the system in an inconsistent state, potentially allowing an attacker to read or write memory they should not have access to.
The CVE-2026-43500 Connection
CVE-2026-43500 is the official identifier for the second vulnerability reported as part of the Dirty Frag and Copy Fail 2 series. The first vulnerability (likely CVE-2026-43499) was addressed in earlier patches. The current release by Greg Kroah-Hartman specifically applies Hyunwoo Kim’s fix for CVE-2026-43500, closing the final loophole in these related exploits.
Details of the Patched Kernels
Version 7.0.6
Kernel 7.0.6 is the latest in the 7.x stable series, incorporating the patch along with other bug fixes and stability improvements. Users running any 7.0.x kernel should upgrade to 7.0.6 immediately.
Version 6.18.29
Kernel 6.18.29 serves the same purpose for the long-term support 6.18 branch. This release ensures that those on a stable LTS kernel receive the critical security fix without needing to jump to a newer major version.
Who Should Upgrade?
All Linux users—whether on servers, desktops, or embedded systems—are advised to apply the update. The vulnerabilities are local privilege escalation threats, meaning an attacker with limited local access could gain full root privileges. Systems exposed to untrusted users or running containers are especially at risk.
How to Upgrade
To upgrade, users can either download the kernels from official repositories or compile from source. For most distributions, a simple package manager update will suffice:
- Debian/Ubuntu:
sudo apt update && sudo apt upgrade linux-image - Red Hat/Fedora:
sudo dnf upgrade kernel - Arch Linux:
sudo pacman -S linux
After upgrading, a reboot is required to load the new kernel.
Conclusion
The release of kernels 7.0.6 and 6.18.29 marks an important step in securing Linux systems against the Dirty Frag and Copy Fail 2 vulnerabilities. Hyunwoo Kim’s patch for CVE-2026-43500 closes a critical security gap. Users who delay upgrading risk leaving their systems open to exploitation. Stay safe—upgrade today.
For more information, see the official announcement or the CVE entry.