Three Linux kernel local privilege escalation vulnerabilities are active this week: Dirty Frag (CVE-2026-43284 and CVE-2026-43500) and Copy Fail (CVE-2026-31431). All three allow an authenticated local user to escalate to root. Dirty Frag is under confirmed active exploitation per Microsoft, with GLPI IT asset management systems observed as in-the-wild targets. CVE-2026-43500 remains unpatched as of May 8, 2026. Affected distributions include Ubuntu, RHEL, CentOS Stream, AlmaLinux, Fedora, openSUSE, and OpenShift. Any organization with Linux-based server infrastructure, containerized workloads, or cloud instances running affected kernel versions should treat this as a high-urgency patching event.