URGENT: Critical Linux Kernel Security Maintenance (Fragnesia) on 13 May 2026 15:13:54 (UTC-06:00)
Resolved on 16 May 2026 14:40:15 (UTC-06:00)
Incident Update — Resolved
We have successfully completed livepatching across our entire infrastructure. All shared hosting nodes and production fleets are now 100% secured against the Fragnesia vulnerability (CVE-2026-46300).
Final Actions Taken:
KernelCare Livepatches Applied: All servers have successfully pulled and applied the latest secure kernel binaries.
Temporary Mitigations Removed: Because our kernels are natively protected, the temporary module-blocking configuration (dirtyfrag.conf) has been safely removed.
Page Caches Flushed: We have completed a final purge of the system page caches across all nodes to guarantee complete system binary integrity.
As promised, this security maintenance was completed entirely via rebootless patching, resulting in zero downtime for any of our client sites, databases, or mail services. No further action is required from our managed hosting clients.
Incident Update — Resolved
We have successfully completed livepatching across our entire infrastructure. All shared hosting nodes and production fleets are now 100% secured against the Fragnesia vulnerability (CVE-2026-46300).
Final Actions Taken:
KernelCare Livepatches Applied: All servers have successfully pulled and applied the latest secure kernel binaries.
Temporary Mitigations Removed: Because our kernels are natively protected, the temporary module-blocking configuration (dirtyfrag.conf) has been safely removed.
Page Caches Flushed: We have completed a final purge of the system page caches across all nodes to guarantee complete system binary integrity.
As promised, this security maintenance was completed entirely via rebootless patching, resulting in zero downtime for any of our client sites, databases, or mail services. No further action is required from our managed hosting clients.
In progress on 14 May 2026 08:40:32 (UTC-06:00)
Update
We are patching all nodes of this new Linux kernel CVE. No downtime is expected as we do reboot less patching. Once we are finished we will update once again.
Update
We are patching all nodes of this new Linux kernel CVE. No downtime is expected as we do reboot less patching. Once we are finished we will update once again.
Identified on 13 May 2026 15:13:54 (UTC-06:00)
Incident Description:
A new critical Linux kernel vulnerability, Fragnesia (CVE-2026-46300), has been identified. This is a Local Privilege Escalation (LPE) flaw that could allow an unprivileged user to gain root access.
Action Taken:
We are taking immediate proactive steps to secure all shared hosting nodes:
Livepatching: We are deploying immediate fixes via KernelCare across our entire fleet to protect the kernel without requiring server reboots.
Proactive Mitigation: We have temporarily disabled affected kernel modules (esp4/esp6) to close the vulnerability path.
sudo sh -c "printf 'install esp4 /bin/false\ninstall esp6 /bin/false\ninstall rxrpc /bin/false\n' > /etc/modprobe.d/dirtyfrag.conf; rmmod esp4 esp6 rxrpc 2>/dev/null; true"
* Cache Clearing: We are flushing the system page cache to ensure binary integrity.
sudo sh -c "echo 3 > /proc/sys/vm/drop_caches"
We recommend clients that have cPanel or shared hosting servers not under our fully managed support to do the same. Customers running on our cPanel web hosting, WHM reseller or agency hosting plans are already patched.
Impact:
There is no expected downtime for websites or email services. Standard cPanel/LiteSpeed operations remain unaffected.
Reference: Detailed technical information is available via the [CloudLinux Security Advisory](https://blog.cloudlinux.com/fragnesia-mitigation-and-kernel-update).
Incident Description:
A new critical Linux kernel vulnerability, Fragnesia (CVE-2026-46300), has been identified. This is a Local Privilege Escalation (LPE) flaw that could allow an unprivileged user to gain root access.
Action Taken:
We are taking immediate proactive steps to secure all shared hosting nodes:
Livepatching: We are deploying immediate fixes via KernelCare across our entire fleet to protect the kernel without requiring server reboots.
Proactive Mitigation: We have temporarily disabled affected kernel modules (esp4/esp6) to close the vulnerability path.
sudo sh -c "printf 'install esp4 /bin/false\ninstall esp6 /bin/false\ninstall rxrpc /bin/false\n' > /etc/modprobe.d/dirtyfrag.conf; rmmod esp4 esp6 rxrpc 2>/dev/null; true"
* Cache Clearing: We are flushing the system page cache to ensure binary integrity.
sudo sh -c "echo 3 > /proc/sys/vm/drop_caches"
We recommend clients that have cPanel or shared hosting servers not under our fully managed support to do the same. Customers running on our cPanel web hosting, WHM reseller or agency hosting plans are already patched.
Impact:
There is no expected downtime for websites or email services. Standard cPanel/LiteSpeed operations remain unaffected.
Reference: Detailed technical information is available via the [CloudLinux Security Advisory](https://blog.cloudlinux.com/fragnesia-mitigation-and-kernel-update).