Proof-of-concept exploit code has been released for DirtyDecrypt (DirtyCBC), a Linux kernel flaw in rxgk_decrypt_skb() that can enable local privilege escalation on systems with CONFIG_RXGK enabled. The disclosure also coincides with other Linux LPE issues and new mitigation efforts, including a proposed kernel killswitch and Rocky Linux’s optional security repository for urgent fixes. #DirtyDecrypt #DirtyCBC #CVE-2026-31635 #LinuxKernel #RockyLinux
Key points
- DirtyDecrypt is a Linux kernel flaw that can lead to local privilege escalation.
- The issue is tied to a missing copy-on-write guard in rxgk_decrypt_skb().
- It affects distributions with CONFIG_RXGK enabled, including Fedora, Arch Linux, and openSUSE Tumbleweed.
- The bug can allow writes into privileged files like /etc/shadow or /etc/sudoers.
- Linux developers are considering a killswitch, and Rocky Linux has launched an optional security repository for urgent fixes.
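To triage a host against the CONFIG_RXGK condition in the key points, the script below reports how that option is set in a kernel config. It is an added example, not code from the article or the kernel project; the function names and the config file locations it tries are assumptions, and a result of "enabled" shows only that the code is built in, not whether a fix has been applied.

```shell
#!/bin/sh
# Added example: report the state of CONFIG_RXGK in a kernel config.
# Function names and the list of config locations are assumptions.

# rxgk_state: read a kernel config on stdin, print enabled|disabled|absent.
rxgk_state() {
    awk '
        /^CONFIG_RXGK=[ym]$/          { s = "enabled" }   # built in (or module)
        /^# CONFIG_RXGK is not set$/  { s = "disabled" }  # known, switched off
        END { print (s == "" ? "absent" : s) }            # kernel lacks the option
    '
}

# running_kernel_config: print the running kernel's config, or return 1
# when none of the usual locations is readable.
running_kernel_config() {
    rel=$(uname -r)
    if [ -r /proc/config.gz ]; then
        gzip -dc /proc/config.gz          # needs CONFIG_IKCONFIG_PROC
    elif [ -r "/boot/config-$rel" ]; then
        cat "/boot/config-$rel"
    elif [ -r "/lib/modules/$rel/config" ]; then
        cat "/lib/modules/$rel/config"
    else
        return 1
    fi
}

# check_running_kernel: print the state for this host, or "unknown"
# when no config could be read (do not treat "unknown" as safe).
check_running_kernel() {
    if cfg=$(running_kernel_config); then
        printf '%s\n' "$cfg" | rxgk_state
    else
        echo unknown
    fi
}

# With a readable file argument, inspect that config (e.g. one pulled from
# a fleet image); otherwise inspect the running kernel.
if [ -n "${1:-}" ] && [ -r "$1" ]; then
    rxgk_state < "$1"
else
    check_running_kernel
fi
```

Hosts that report "enabled" are the ones to prioritise for the vendor's kernel update.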
Read More: https://thehackernews.com/2026/05/dirtydecrypt-poc-released-for-linux.html