Copy Fail, Dirty Frag, and Fragnesia kernel vulnerabilities – Gentoo Linux

Copy Fail, Dirty Frag, and Fragnesia kernel vulnerabilities

May 19, 2026

The Linux kernel has recently been facing a series of discovered<br>privilege escalation vulnerabilities, starting with the<br>Copy Fail vulnerability and followed by subsequent<br>vulnerabilities in the same spirit<br>(Dirty Frag,<br>Fragnesia).<br>This development is part of a general trend where vulnerabilities are being found - and<br>disclosed - faster than before. We expect it to continue, at least for<br>the short-term.

The Gentoo Linux Kernel and Distribution Kernel teams are doing their best<br>to keep Gentoo kernels secure. This includes both packaging the latest<br>upstream releases as soon as possible, and backporting additional vulnerability fixes<br>or mitigations whenever they become available.<br>As example, while upstream kernel releases are still vulnerable to Fragnesia,<br>the respective Gentoo kernels feature fixes from day one. At the time of writing, all<br>supported Gentoo kernels feature the latest Fragnesia v5 patch. Please expect more updates.<br>We recommend exploring ways to automate upgrading your kernel.

Please note that only<br>sys-kernel/gentoo-kernel,<br>sys-kernel/gentoo-kernel-bin<br>and sys-kernel/gentoo-sources<br>packages are security-supported. The vanilla kernel packages are<br>vulnerable at the moment. Other kernel packages may carry fixes, but<br>they usually are slower to be updated. Additionally, we recommend<br>running the latest kernel version (~arch or latest stable LTS), as<br>upstream does not reliably backport security fixes to older versions.