DirtyDecrypt Linux Kernel Vulnerability PoC Exploit Code Released

In Cybersecurity News - Original News Source is cybersecuritynews.com by Blog Writer


A working proof-of-concept (PoC) exploit for a high-severity Linux kernel local privilege escalation vulnerability dubbed DirtyDecrypt, also tracked as DirtyCBC, enables local attackers to gain full root access on affected systems.

Security analyst Will Dormann attributes the flaw to CVE-2026-31635, for which a patch was quietly merged upstream on April 25, 2026.

DirtyDecrypt resides in the rxgk_decrypt_skb() function within the Linux kernel’s RxGK subsystem, the GSS-API-based security layer for RxRPC, the network transport used by the Andrew File System (AFS) client.

Moselwal said that the root cause is a missing copy-on-write (COW) guard: when decrypting an incoming socket buffer (sk_buff), the kernel writes directly to a shared page-cache page without first creating a private copy.

This unguarded write lands in memory belonging to privileged processes or in the page cache of privileged files, including /etc/shadow, /etc/sudoers, or SUID binaries — allowing a local unprivileged user to corrupt and ultimately overwrite those pages to achieve root.

V12 described their finding as “rxgk pagecache write due to missing COW guard in rxgk_decrypt_skb” and reported it to kernel maintainers on May 9, 2026, only to be told it was a duplicate of an already-patched internal issue.

DirtyDecrypt Affected Distributions

Exploitation requires a Linux kernel compiled with CONFIG_RXGK=y or CONFIG_RXGK=m. In practice, this affects rolling-release distributions that track upstream kernel development closely:

  • Fedora (including Rawhide and Workstation, pre-patch)
  • Arch Linux (before pacman -Syu)
  • openSUSE Tumbleweed (before zypper dup)
  • Systems using mainline kernel PPAs or ELRepo kernel-ml on RHEL/CentOS Stream

Stable enterprise distributions — Debian Stable, RHEL 8/9, and Ubuntu LTS — ship with RxGK disabled and are generally not affected by default. Administrators can verify exposure by running:

zcat /proc/config.gz | grep RXGK
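Building on that one-line check, the following script is an added example (not from the article or from any of the analysts it quotes) that classifies how CONFIG_RXGK is set in a kernel config and lists which of the rxrpc, rxgk, esp4 and esp6 modules are loaded, so the result can feed a fleet inventory. The function names are the example's own; file paths are parameters so the logic can be exercised on constructed inputs, with /proc/config.gz (or /boot/config-$(uname -r)) and /proc/modules as the real inputs.

```shell
#!/bin/sh
# Added example: exposure check for the CONFIG_RXGK condition described above.
# File paths are parameters so the logic runs on constructed inputs; the real
# inputs are /proc/config.gz (or /boot/config-$(uname -r)) and /proc/modules.

# rxgk_config_state FILE -> prints builtin | module | disabled | absent
# depending on how CONFIG_RXGK appears in a kernel config (gzip or plain text).
rxgk_config_state() {
    case "$1" in
        *.gz) text=$(zcat "$1") ;;
        *)    text=$(cat "$1") ;;
    esac
    if   printf '%s\n' "$text" | grep -q '^CONFIG_RXGK=y$';            then echo builtin
    elif printf '%s\n' "$text" | grep -q '^CONFIG_RXGK=m$';            then echo module
    elif printf '%s\n' "$text" | grep -q '^# CONFIG_RXGK is not set$'; then echo disabled
    else echo absent
    fi
}

# loaded_rx_modules PROC_MODULES_FILE -> sorted names, one per line, of the
# modules the blacklist workaround covers (plus rxgk) that are currently loaded.
loaded_rx_modules() {
    awk '$1 == "rxrpc" || $1 == "rxgk" || $1 == "esp4" || $1 == "esp6" { print $1 }' "$1" | sort
}

# exposure_verdict STATE -> exit status for fleet scripts:
# 0 = RxGK off, 1 = RxGK built in or as a module, 2 = no CONFIG_RXGK symbol
# (kernel predates RxGK, or the config could not be read).
exposure_verdict() {
    case "$1" in
        disabled)       return 0 ;;
        builtin|module) return 1 ;;
        *)              return 2 ;;
    esac
}

main() {
    cfg=/proc/config.gz
    [ -r "$cfg" ] || cfg="/boot/config-$(uname -r)"
    [ -r "$cfg" ] || { echo "no readable kernel config for $(uname -r)"; return 0; }
    state=$(rxgk_config_state "$cfg")
    echo "CONFIG_RXGK: $state (from $cfg, kernel $(uname -r))"
    [ -r /proc/modules ] && echo "loaded: $(loaded_rx_modules /proc/modules | tr '\n' ' ')"
    if exposure_verdict "$state"; then echo "verdict: RxGK disabled, not exposed"
    else echo "verdict: exposed or undetermined (code $?)"; fi
}

main "$@"
```

A verdict of 2 means the kernel has no CONFIG_RXGK symbol at all, which is the expected result on the stable enterprise kernels mentioned below and should be confirmed against the vendor's advisory rather than taken as proof of safety.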

The operational threat escalates significantly in container environments. On a Kubernetes worker node running a rolling-release kernel, successful DirtyDecrypt exploitation chains into a full container escape: local root on the host grants access to every pod, every container runtime socket, and every Kubernetes secret mounted on that node, Moselwal added.

Developer workstations on Fedora or Arch, which commonly hold active kubectl contexts, AWS production profiles, and SSH keys, represent the highest-risk targets in enterprise settings.

DirtyDecrypt is the fourth Linux kernel LPE in the same XFRM/ESP/rxgk attack surface within three weeks, belonging to the same vulnerability class as the actively exploited Copy Fail family.

The primary remediation is pulling the kernel update containing the April 25 upstream patch:

# Fedora
sudo dnf upgrade --refresh kernel kernel-core kernel-modules && sudo systemctl reboot

# Arch Linux
sudo pacman -Syu linux linux-headers && sudo systemctl reboot

# openSUSE Tumbleweed
sudo zypper dup && sudo systemctl reboot

For systems where patching is not immediately possible, blacklisting the rxrpc, esp4, and esp6 kernel modules provides a temporary workaround — though this will break IPsec VPN connections and AFS mounts.

Kubernetes operators should rebuild worker node images with the patched kernel and enforce pod security standards (restricted profile) cluster-wide, ensuring allowPrivilegeEscalation: false is set as a default across all workloads.

Linux users on Fedora, Arch, and openSUSE Tumbleweed should treat this as an immediate priority given the availability of public PoC code and the established exploitation precedent set by the closely related Copy Fail vulnerability.
