TWO serious vulnerabilities in the Linux kernel, CVE-2026-46242 (Bad Epoll) and CVE-2026-53362, have been identified with public proof-of-concept exploit code available. Bad Epoll allows an unprivileged user to gain root access through a use-after-free condition, while the IPv6-related flaw enables escalation from a container to host root on RHEL and CentOS 10. These vulnerabilities expose critical attack vectors across various systems and have been linked to a recent incident where a Debian server was compromised. Both issues have fixes available, and users are advised to update their systems accordingly.
Linux Kernel Bug Lets Users Gain Root Access via Bad Epoll
CyberSIXT Evidence Panel
Article by CyberSIXT
Timeline Coverage
Swipe to explore timeline
-
Public Exploit and Details Released for Bad Epoll Root Flaw (CVE-2026-46242)
cybersixt.com
-
Linux Kernel Bug Lets Users Gain Root Access via Bad Epoll
securityonline.info
-
CVE-2026-46242: Linux 'Bad Epoll' flaw lets attackers gain root
cybersixt.com
-
CVE-2026-46242: Linux Epoll Flaw Grants Local Root Access
cybersixt.com
-
Bad Epoll Flaw Lets Users Gain Root Access on Linux and Android
cybersixt.com