New “Bad Epoll” 0-Day Vulnerability Allows Root Access on Linux Servers and Android Devices
5 Articles
5 Articles
[Security Circle] A zero-day vulnerability, "Bad Epoll," has been discovered in Linux, affecting both servers and Android devices.
"Bad Epoll" Linux Kernel Bug Lets Any User Grab Root
A newly disclosed use-after-free in the Linux kernel's epoll code, CVE-2026-46242, lets an unprivileged user get root on affected Linux and Android systems. A fix is out, but it took two attempts. “Bad Epoll” Linux Kernel Bug Lets Any User Grab Root on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses.
New “Bad Epoll” 0-Day Vulnerability Allows Root Access on Linux Servers and Android Devices
A newly disclosed Linux kernel flaw dubbed “Bad Epoll” (CVE-2026-46242) allows an unprivileged local user to escalate to root on Linux servers, desktops, and Android devices by exploiting a race condition and a use-after-free (UAF) in the kernel’s epoll subsystem. Bad Epoll is a UAF vulnerability in ep_remove(), which clears file->f_ep under file->f_lock but continues using the file object inside the critical section during hlist_del_rcu() and s…

Coverage Details
Bias Distribution
- There is no tracked Bias information for the sources covering this story.
Factuality
To view factuality data please Upgrade to Premium

