The Third Major Linux Kernel Flaw In Two Weeks Has Been Found - Thanks To AI
ZDNET, Thursday, May 14th, 2026
AI-powered tools are discovering Linux kernel vulnerabilities faster than developers can patch them, with Fragnesia being the latest critical flaw.
A third major Linux kernel vulnerability called Fragnesia has been discovered in two weeks, highlighting how AI bug-finding tools like Claude Mythos and OpenAI Daybreak are exposing security flaws faster than human developers can fix them.
Fragnesia is a page-cache corruption bug that gives unprivileged users reliable root access on all major Linux distributions through an XFRM ESP-in-TCP subsystem exploit, with a proof-of-concept already available and a CVSS score of 7.8.
The vulnerability is particularly dangerous in cloud environments where untrusted containers run on shared kernels, potentially allowing attackers to escape containers and compromise host systems. While upstream patches are available, they haven't yet shipped in any distributions as of May 13, and mitigation options come with significant tradeoffs such as disabling IPsec VPNs or unprivileged user namespaces.