New “Bad Epoll” 0-Day Vulnerability Allows Root Access on Linux Servers and Android Devices

A newly disclosed Linux kernel flaw dubbed “Bad Epoll” (CVE-2026-46242) allows an unprivileged local user to escalate to root on Linux servers, desktops, and Android devices by exploiting a race condition and a use-after-free (UAF) in the kernel’s epoll subsystem. Bad Epoll is a UAF vulnerability in ep_remove(), which clears file->f_ep under file->f_lock but continues […]

The post New “Bad Epoll” 0-Day Vulnerability Allows Root Access on Linux Servers and Android Devices appeared first on Cyber Security News.

This article has been indexed from Cyber Security News

Read the original article: