Ubuntu has released emergency security updates to address a critical local privilege escalation vulnerability in the Linux kernel, tracked as CVE-2026-43503 and dubbed "DirtyClone" by security firm JFrog.
The flaw was responsibly disclosed to the Linux kernel maintainers, with the CVE record published on May 23, 2026. JFrog published its technical research on June 25, 2026. Ubuntu's security updates followed the public disclosure, providing patches for all supported releases.
As a local privilege escalation vulnerability, DirtyClone could allow an unprivileged user or process to gain higher-level access, potentially root. This type of flaw is significant in environments where kernel-enforced isolation is used, such as multi-tenant cloud servers and container platforms, as it could lead to a breach of security boundaries.
The vulnerability resides in the upstream Linux kernel source. While the Ubuntu advisory confirms that all its releases are affected, the upstream nature of the code means other Linux distributions may also be vulnerable. System administrators using other distributions should monitor their respective security channels for updates.
Ubuntu has provided patched kernel packages for its supported releases. System administrators can update using the standard package manager with the command:
sudo apt update && sudo apt upgrade
A system reboot is required after installing the update for the new kernel to be loaded.
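Because the patched kernel only takes effect after the reboot, a quick check that a host is not still running an older kernel than the newest one installed is useful. The following is an added example, not part of the Ubuntu advisory; the function names are hypothetical, and it assumes GNU `sort -V`, kernel images named `/boot/vmlinuz-<version>`, a single kernel flavour per host, and Ubuntu's `/var/run/reboot-required` flag file.

```shell
#!/bin/sh
# Added example: detect a host that installed a newer kernel but has not rebooted.

# newest_installed_kernel [DIR]
# Print the highest version among DIR/vmlinuz-<version> images (empty if none).
newest_installed_kernel() {
    nik_dir=${1:-/boot}
    for nik_img in "$nik_dir"/vmlinuz-*; do
        [ -e "$nik_img" ] || continue          # unmatched glob or dangling link
        printf '%s\n' "${nik_img##*/vmlinuz-}"
    done | sort -V | tail -n 1
}

# reboot_pending RUNNING NEWEST [FLAGFILE]
# Return 0 when a reboot is still needed: either the flag file exists, or
# NEWEST sorts strictly after RUNNING in version order.
reboot_pending() {
    rp_running=$1
    rp_newest=$2
    rp_flag=${3:-/var/run/reboot-required}
    [ -e "$rp_flag" ] && return 0
    [ -n "$rp_newest" ] || return 1            # nothing to compare against
    [ "$rp_running" != "$rp_newest" ] || return 1
    rp_top=$(printf '%s\n%s\n' "$rp_running" "$rp_newest" | sort -V | tail -n 1)
    [ "$rp_top" = "$rp_newest" ]
}

cur=$(uname -r)
new=$(newest_installed_kernel /boot)
if reboot_pending "$cur" "$new"; then
    echo "REBOOT PENDING: running $cur, newest installed ${new:-unknown}"
else
    echo "OK: running kernel $cur is the newest installed"
fi
```

This only shows that the newest installed kernel is the one running; whether that version contains the fix still has to be confirmed against the Ubuntu advisory for the release in question.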
