Linux Zero-Day Dirty Frag and Copy Fail Vulnerability Fixes Released

Pop!_OS 22.04 LTS and Pop!_OS 24.04 LTS kernels have been patched for Dirty Frag and Copy Fail zero-day local privilege escalation vulnerabilities. Install updates to apply the fixes.

Dirty Frag (CVE-2026-43284)

The affected rxrpc, esp4, and esp6 kernel modules have been disabled in the Pop!_OS kernel update. Once rxrpc kernel patches are approved upstream, new kernels will be released with the modules re-enabled.

espr4 and esp6 kernel modules were patched and are safe to re-enable. We are keeping them disabled to see if upstream's backports find other places to make changes.

The Alfred File System (AFS) uses the rxrpc module. esp4 and esp6 are used by some VPN implementations like StrongSwan. If you require these modules, delete the file located at /etc/modprobe.d/pop-default-settings-dirty-frag.conf and run the command

sudo update-initramfs -u -k all

Copy Fail (CVE-2026-31431)

Copy Fail patched kernels were released on Pop!_OS 22.04 LTS, Pop!_OS 24.04 LTS on April 30th.