{"uuid": "bfd0d374-3aa3-4935-80be-2ddde695c65d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43500", "type": "seen", "source": "https://infosec.exchange/users/wdormann/statuses/116539044705700152", "content": "And just to clarify about \"Dirty Frag\" vs. \"Copy Fail 2\":\nDirty Frag is TWO vulnerabilities:\n\nThe xfrm-ESP Page-Cache Write vulnerability has been assigned CVE-2026-43284 and patched in mainline at f4c50a4034e6.\nThe RxRPC Page-Cache Write vulnerability has been reserved as CVE-2026-43500 for tracking; no patch exists in any tree yet.\nCopy Fail 2 is a \"clean room\" rediscovery/exploitation of f4c50a4034e6\nSince Copy Fail 2 was published to GitHub 1 hour earlier than Dirty Frag was published.  The Dirty Frag writeup specifies that the embargo was broken, and as a result TWO vulnerabilities were disclosed.\nPersonally, I think that if you publish a patch for a vulnerability, and then you begin an embargo a week after it was published, that doesn't really count as an \"embargo\"?  \ud83e\udd37\u200d\u2642\ufe0f\nFun stuff...", "creation_timestamp": "2026-05-08T12:51:43.777812Z"}