The Hacker News ·EN News source
New "Bad Epoll" Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android
CVE Tools coverage
A newly disclosed Linux kernel issue called “Bad Epoll” (CVE-2026-46242) enables unprivileged local users to gain root access. It impacts Linux systems and Android devices that run affected kernel builds, because an epoll use-after-free race can corrupt kernel memory and turn a normal account into full control. Fixes are available via upstream (commit a6dc643c69311677c574a0f17a3f4d66a5f3744b) and distribution backports, and timing makes the bug hard but the published proof of concept reliably achieves escalation on tested setups.