jeffv via plug on 6 Jul 2026 05:17:21 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[PLUG] "Bad Epoll" Linux Kernel Flaw


New "Bad Epoll" Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android

https://thehackernews.com/2026/07/new-bad-epoll-linux-kernel-flaw-lets.html


A newly disclosed Linux kernel flaw called Bad Epoll (CVE-2026-46242) lets an ordinary user with no special access take full control of a machine as root. It affects Linux desktops, servers, and Android, and a fix is out.

Bad Epoll is a "use-after-free" bug. Two parts of the kernel try to clean up the same internal object at the same time. One frees the memory while the other is still writing into it. That brief collision lets an attacker corrupt kernel memory, then climb from a normal account up to root.
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug