Skip to main content

05/14/2026 - Technical Bulletin - Dirty Frag Lx Kernel Vulnerability Statement

Updated

Technical Bulletin

To: DW® Customers

Date: May 14, 2026

Re: “Dirty Frag” Linux Kernel Vulnerability Statement

“Dirty Frag” Linux Kernel Vulnerability Statement

-----------------------------------

Affected DW Products: DW Spectrum Professional (Server and Client), DW Blackjack® Server Series

New Software Version: N/A — See Statement Below

Previous Software Version: N/A

Release Date: May 14, 2026

-----------------------------------

 

“Dirty Frag” Linux Kernel Vulnerability Statement

Dear Digital Watchdog Partner,

This technical bulletin is being issued to address the recently disclosed “Dirty Frag” Linux kernel vulnerabilities and to provide clarity on the potential impact to Digital Watchdog products.

On May 7, 2026, two local privilege escalation (LPE) vulnerabilities affecting the Linux kernel were publicly disclosed. One vulnerability has been assigned to the ID: 

  • CVE-2026-43284 
  • The second CVE ID is currently pending.

Both are collectively referred to as “Dirty Frag.” The affected components are Linux kernel modules—specifically the modules that support ESP (Encapsulating Security Protocol, used for IPsec) and RxRPC (a protocol used for the Andrew File System). These vulnerabilities affect multiple Linux distributions, including Ubuntu, and can allow a local user to elevate privileges to the root level. On systems running container workloads, they may additionally facilitate container escape scenarios.

It is important to note that these are local privilege escalation vulnerabilities, meaning that exploitation requires an attacker to already have local access to the system. Remote exploitation without prior access has not been demonstrated at this time. DW Blackjack Servers deployed in physically secured, access-controlled environments with no unauthorized local users face a lower immediate risk profile.

DW is actively investigating the scope of impact across all its Linux products. By default, DW Blackjack Server hardware that runs on Linux-based operating systems is not affected by this vulnerability. However, if you have enabled any of the modules that are affected, you will need to disable them.

 

Recommended Actions

Digital Watchdog recommends the following steps for customers and partners managing DW products on Linux-based systems:

  • Check if affected modules are loaded on the system
    • If the following action indicates that the modules are not loaded, no further action is required. However, if modules are detected, refer to the link in the Additional Information section below for troubleshooting instructions.
    • Open the Terminal application and use the following command:
grep -qE '^(esp4|esp6|rxrpc) ' /proc/modules && echo "Affected modules are loaded" || echo "Affected modules are NOT loaded"
  • Restrict physical and local access to all DW Blackjack Servers and systems running DW Spectrum Professional Server. Ensure that only authorized personnel have local login access.
  • Monitor for kernel updates from your Linux distribution vendor. Canonical (Ubuntu) has published mitigations and is working on kernel patch packages for all affected Ubuntu releases. DW will communicate when tested and validated firmware or software updates are available for affected DW products.
  • Keep DW Spectrum Professional software up to date to ensure that current cybersecurity standards are implemented on your surveillance systems.
  • Do not apply kernel-level mitigations independently (such as disabling the esp4/esp6/rxrpc modules) on DW Blackjack Servers without first consulting DW Technical Support, as doing so may affect system functionality or stability.

 

Additional Information

Digital Watchdog takes the security of our customers’ systems seriously and will continue to monitor this situation closely. Updated guidance and any relevant firmware or software updates will be communicated as they become available. For more information on the underlying vulnerability, refer to the official Ubuntu security advisory at https://ubuntu.com/blog/dirty-frag-linux-vulnerability-fixes-available.

 

 

______________________________________________________________________________

For More Information or Technical Support

DW Technical Support: https://www.digital-watchdog.com/contact-tech-support/

DW Sales: sales@digital-watchdog.com | www.digital-watchdog.com

Rev: 06/25                              Copyright © DW. All rights reserved. Specifications and pricing subject to change without notice.                            

 

Related to

Related articles