New "Bad Epoll" Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android
ID: 0a171ca2-c52c-562a-b5d7-da361efe7d9d
STIX ID: report--0a171ca2-c52c-562a-b5d7-da361efe7d9d
Feed Name: The Hacker News
Bad Epoll (CVE-2026-46242) is a Linux kernel use-after-free race in the epoll subsystem that allows an unprivileged local user to corrupt kernel memory and reliably escalate to root; a proof-of-concept exploit by researcher Jaeyoung Chung achieves near-99% success on tested systems, can be triggered from Chrome's renderer sandbox, and may affect Android devices. A fix is available upstream (kernels 6.4+ were affected unless backported), there is no evidence of active exploitation in the wild, and users should apply the upstream patch or distribution backports.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
