◆ FORTINET ◆: 📅 Published on June 3, 2026

◆ FORTINET ◆ Security Advisory

Published Date: June 3, 2026

CVE: CVE-2026-43284

Advisory Summary

⚠️ Critical Linux Kernel Vulnerability: Dirty Frag (CVSS 7.9)

Fortinet has disclosed a significant security vulnerability impacting the Linux kernel, designated as Dirty Frag, arising from the chaining of two vulnerabilities: CVE-2026-43284 and CVE-2026-43500. This vulnerability affects the way kernel networking handles fragmented socket buffers (skbs) associated with encrypted packet processing and memory page sharing.

• CVE-2026-43284 addresses improper handling of ESP (Encapsulating Security Payload) decryption in UDP packets that incorporate shared memory pages without correctly marking them. This flaw allowed in-place decryption on data not privately owned, potentially exposing sensitive decrypted data or enabling tampering.
• CVE-2026-43500 concerns the rxrpc subsystem where packets with shared paged fragments were not properly unshared before security operations, leading to in-place decryption vulnerabilities and exposing external fragment memory.

• Correct marking of shared fragments in IPv4/IPv6 UDP datagram paths.
• Falling back to safe copy-on-write mechanisms during ESP packet processing.
• Expanded packet unsharing checks for rxrpc packets that carry shared fragments, preventing unsafe in-place decryptions.

Impact:
This vulnerability holds a CVSSv3 score of 7.9, implying a high severity risk for Linux-based infrastructure, particularly in environments running kernel versions prior to these patches. Data centers, cloud providers, and any enterprise-grade Linux deployments that utilize ESP or rxrpc-based networking stacks should prioritize applying these kernel updates immediately to mitigate exploitation risk. Failure to patch could allow attackers to manipulate encrypted network traffic or leak sensitive data from shared memory pages.

• Review your Linux kernel versions and confirm incorporation of these patches.
• Update to the latest stable kernels or vendor-provided security releases.
• Audit network packet handling for exposure to shared skb fragment usage.
• Maintain monitoring for suspicious activity potentially exploiting this flaw.

Fortinet’s advisory helps IT security and infrastructure teams strengthen Linux-based assets, guarding against sophisticated memory handling vulnerabilities in critical network subsystems.

🔗

Reference: Vendor Advisory