may 9, 2026
4 links from the engineering internet.
qualys maps how dirty frag turns linux page caches into an attack surface
qualys researchers publish a technical breakdown of dirty frag (cve-2026-43284 and cve-2026-43500), tracing how the in-place decryption fast path in esp4, esp6, and rxrpc lets an unprivileged user write into page cache pages they should only read, achieving root without touching disk.
linux kernel developers propose runtime killswitch for vulnerable functions
a patch under review would let privileged admins disable specific kernel functions at runtime via securityfs, causing them to return an error immediately. prompted by the copy fail and dirty frag lpe wave, the proposal aims to close the gap between public disclosure and full patch deployment.
parrot os 7.2 ships with linux kernel 6.19 and copy fail fix
parrot os 7.2 lands with linux kernel 6.19.13, which addresses cve-2026-31431 (copy fail), alongside kde plasma 6.3.6, updated penetration testing tools, debian package sync, and automated flatpak update handling.
bitdefender publishes technical advisory on shinyhunters canvas lms breach
bitdefender details how shinyhunters exploited free-for-teacher accounts to breach instructure canvas between april 30 and may 7, covering the attack chain, confirmed exposed data, and recommended remediation including api credential rotation and phishing monitoring as the may 12 ransom deadline approaches.