Bad Epoll: Tiny Timing Window Lets Unprivileged Users Root Linux and Android

TL;DR Summary
A newly disclosed Linux kernel vulnerability, Bad Epoll (CVE-2026-46242), is a use-after-free race in the epoll subsystem that can let a non-privileged user gain root on Linux desktops, servers, and Android. The attacker exploits a six-instruction timing window to corrupt kernel memory, with broader reach via Chrome’s sandbox and Android support. An upstream patch is available (a6dc643c6931) and backports are expected for 6.4+ kernels, while older 6.1-based Android devices may be unaffected. A public PoC exists, but there’s no evidence of widespread exploitation yet.
- New "Bad Epoll" Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android (The Hacker News)
- DirtyClone: A Linux Privilege Escalation That Leaves No Trace on Disk (Security Affairs)
- ‘DirtyClone’ Linux Kernel Vulnerability Leads to Root Access (SecurityWeek)
- DirtyClone (CVE-2026-43503): Critical Linux Kernel Vulnerability Enables Local Privilege Escalation to Root on Major Distributions (Rescana)
- Canonical Confirms Ubuntu Fixes for DirtyClone Linux Kernel Flaw (Linuxiac)