A newly revealed vulnerability called Bad Epoll (CVE-2026-46242) affects the Linux kernel's epoll subsystem, enabling local attackers to gain root access on Linux and Android systems without special privileges. The flaw is characterized as a use-after-free vulnerability where two kernel threads attempt to release the same object simultaneously, leading to potential privilege escalation. Security professionals have developed a reliable proof-of-concept exploit, achieving a 99% success rate.
Users are advised to install available security updates, as this vulnerability affects versions 6.4 and later of the Linux kernel and can also impact sandboxed environments like Chrome. The issue highlights both the capabilities and limitations of AI in security research, as a previous AI model, although it detected a related bug, missed Bad Epoll. Currently, there is no evidence of active exploitation in the wild.