RESEARCHERS have uncovered a critical vulnerability in the Linux kernel tracked as CVE-2026-23111, which allows unprivileged users to escalate their permissions to root. The issue arises from a single misplaced character in the nf_tables subsystem, which manages firewall rules and packet filtering. This bug, a use-after-free vulnerability, allows attackers to manipulate memory and hijack control flow, despite stability tests showing 99% reliability on idle systems.
Although this exploit was fixed in February, it represents a significant security risk, especially when combined with other vulnerabilities affecting Linux.