Threat Advisory

Linux Kernel Flaw Turns Unprivileged User into Root

Threat: Vulnerability
Targeted Region: Global
Targeted Sector: Technology & IT
Criticality: High
[subscribe_to_unlock_form]

EXECUTIVE SUMMARY:

Multiple security vulnerabilities affecting Linux versions Bad Epoll affects Linux kernels based on v6 have been identified in Linux, including a use-after-free bug that enables root privilege escalation. The affected version range includes Linux kernels based on v6 and newer. This collective risk presents a high threat to any unprivileged user who can exploit the vulnerability, particularly those with access to servers, network services, browsers, or operating systems that rely on epoll.

CVE-2026-46242 (CVSS 7.8 — High Severity): A use-after-free bug has been identified in epoll's file-release path, allowing an attacker to escalate privileges and gain root access. The vulnerability can be exploited through a close-versus-close race in epoll objects.[/subscribe_to_unlock_form]

EXECUTIVE SUMMARY:

Multiple security vulnerabilities affecting Linux versions Bad Epoll affects Linux kernels based on v6 have been identified in Linux, including a use-after-free bug that enables root privilege escalation. The affected version range includes Linux kernels based on v6 and newer. This collective risk presents a high threat to any unprivileged user who can exploit the vulnerability, particularly those with access to servers, network services, browsers, or operating systems that rely on epoll.

CVE-2026-46242 (CVSS 7.8 — High Severity): A use-after-free bug has been identified in epoll's file-release path, allowing an attacker to escalate privileges and gain root access. The vulnerability can be exploited through a close-versus-close race in epoll objects.[emaillocker id="1283"]

CVE-2026-43074: This sibling bug was missed by AI models and adds two separate races to about 2,500 lines of epoll code. The memory error rarely trips KASAN once the bug is fixed, making it hard to detect.

These vulnerabilities collectively present a high risk to any unprivileged user who can exploit the use-after-free bug in epoll. Administrators should apply upstream commit a6dc643c6931 or their distribution's backport as soon as possible to mitigate this threat.

RECOMMENDATION:

We recommend you to update Linux to version 2de4db145b2992da496fea6c51f9839be678ae24.

REFERENCES:

The following reports contain further technical details:

[/emaillocker]
crossmenu