If Rocky Linux is affected by this CVE-2026-46300
POC: pocs/fragnesia/README.md at main · v12-security/pocs · GitHub
If the github link is accurate, then this vulnerability would affect Rocky Linux (because Rocky was vulnerable to DirtyFrag).
Rocky has patched kernels available in the new security repo; run dnf update to get the latest repo definitions, then dnf --enablerepo=security update to get the patched kernel, then reboot to run the patched kernel.
Also according to the link, the mitigation is the same as for DirtyFrag – useful if you can’t reboot immediately.
Edit: It doesn’t necessarily follow that Rocky’s DirtyFrag patch fixes this one. After further reading, I’m guessing it doesn’t.
I’ve just attempted this on Rocky 8.10 with the latest kernel installed from the new security repo and it has given me root access.
Yep, it requires an additional fix, so all versions are affected. There’s already a RHEL page for this that shows what is affected. I guess a fix will appear in the next couple of days.
The kernel patch is different: net: skbuff: preserve shared-frag marker during coalescing
So it requires an additional fix as @iwalker said.
Any update? Still no fix?
@iwalker Following up on this, could you please share the ETA for the fix?
Well Red Hat haven’t even released a fix yet, but I’ve posted an internal message to find out if our team has an ETA for an interim fix.
Hello,
Is it fixed by kernel-*-5.14.0-611.55.1.el9_7.0.3.x86_64.rpm, just now available on the Rocky Linux repository?
Where can I find what is fixed in this version? There is nothing on the product errata (Rocky Enterprise Software Foundation Product Errata).
Yes.
```
Changelog for kernel-5.14.0-611.55.1.el9_7.0.3.x86_64
Mon May 18 2026 Jonathan Dieter jdieter@resf.org - 5.14.0-611.55.1.0.3
ptrace: slightly saner ‘get_dumpable()’ logic (Roxana Nicolescu) [ciqres] {CVE-2026-46333}
Thu May 14 2026 Jonathan Dieter jdieter@resf.org - 5.14.0-611.55.1.0.2
net: skbuff: propagate shared-frag marker through frag-transfer helpers (Hyunwoo Kim) [ciqres] {CVE-2026-46300}
Drop rxrpc patches since upstream has decided not to carry them. Users of kernel-modules-partner are now
vulnerable to CVE-2026-43500, but the package is only available in the unsupported devel repo
```
Thanks!
Where did you find this changelog?
```
dnf repoquery --changelog kernel-5.14.0-611.55.1.el9_7.0.3
```
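The changelog check from the reply above, as an added example that is not part of the thread or of Rocky's tooling: it reads `dnf repoquery --changelog` output and counts a CVE as fixed only when it appears as a `{CVE-...}` tag, so the CVE-2026-43500 note in the quoted changelog is not mistaken for a fix. The function names and the reliance on the brace-tag convention are assumptions; the sample lines are adapted from the changelog quoted earlier.

```shell
#!/bin/sh
# Added example. Real use (command from the thread):
#   dnf repoquery --changelog kernel-5.14.0-611.55.1.el9_7.0.3 | classify_cve CVE-2026-46300
# To check the kernel that is actually running (i.e. after the reboot):
#   rpm -q --changelog "kernel-core-$(uname -r)" | classify_cve CVE-2026-46300

# Constructed sample: lines adapted from the changelog quoted in the thread.
sample_changelog() {
cat <<'EOF'
Mon May 18 2026 Jonathan Dieter - 5.14.0-611.55.1.0.3
ptrace: slightly saner get_dumpable() logic (Roxana Nicolescu) [ciqres] {CVE-2026-46333}
Thu May 14 2026 Jonathan Dieter - 5.14.0-611.55.1.0.2
net: skbuff: propagate shared-frag marker through frag-transfer helpers (Hyunwoo Kim) [ciqres] {CVE-2026-46300}
Drop rxrpc patches since upstream has decided not to carry them. Users of kernel-modules-partner are now
vulnerable to CVE-2026-43500, but the package is only available in the unsupported devel repo
EOF
}

# Print every CVE id that appears as a {CVE-YYYY-N} fix tag, sorted and unique.
# Assumption: fixes are tagged in braces, as in the changelog shown in the thread.
fixed_cves() {
    grep -oE '\{CVE-[0-9]{4}-[0-9]+\}' | grep -oE 'CVE-[0-9]{4}-[0-9]+' | sort -u
}

# classify_cve ID: read changelog text on stdin and print one of
#   fixed                - ID carries a {CVE-...} fix tag
#   mentioned-not-fixed  - ID occurs only in free text (e.g. a dropped patch)
#   absent               - ID does not occur at all
classify_cve() {
    local id text
    id=$1
    text=$(cat)
    if printf '%s\n' "$text" | fixed_cves | grep -qxF "$id"; then
        echo fixed
    elif printf '%s\n' "$text" | grep -qwF "$id"; then
        echo mentioned-not-fixed
    else
        echo absent
    fi
}

# Demo on the constructed sample.
for cve in CVE-2026-46300 CVE-2026-46333 CVE-2026-43500; do
    printf '%s: %s\n' "$cve" "$(sample_changelog | classify_cve "$cve")"
done
```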
Hi! My Rocky 9’s get the kernel-5.14.0-611.55.1.el9_7.0.3.x86_64 from the new security repo now, but there are no new packages for Rocky 8 in this repo. Does anyone know if there will be a fix for CVE-2026-46300 for Rocky 8?
Is it possible to have a web page or a sticky forum thread to follow the Rocky-specific “Security releases”? It is hard to keep track of or find the information for all the versions.
Things to include in the information could be (for each Rocky release, 8, 9, 10, …):
latest version of the Rocky security kernel, what has been fixed in this version, latest RHEL/upstream kernel, additional things to do if needed (to fix security issues).
This would be pointless since the errata should have all the security information anyway and generated automatically. I’ll raise it internally to find out why the errata is not up-to-date and what we plan on doing about that. To do something additional then means spending more time on something else doing all of that manually collating it and preparing a webpage, etc. Unless someone wants to volunteer and do that? Otherwise, there are far more important things for the team to spend their time on.
Is a fix currently available for Rocky 8.10? I don’t see any version newer than 4.18.0-553.123.1.el8_10.0.1 for Rocky 8.10.
Yes there is, but you will have to enable the security repository to get the fix. This is the interim fix, which is patched versions of existing kernels. Red Hat haven’t even patched RHEL8 yet so this is why there is no fix in the standard base repositories.
I have already enabled the security repo and this is what I see:
```
$ dnf list kernel
Last metadata expiration check: 0:12:16 ago on Wed May 20 08:03:08 2026.
Installed Packages
kernel.x86_64 4.18.0-553.40.1.el8_10 @baseos
kernel.x86_64 4.18.0-553.123.1.el8_10.0.1 @security
```