New "Bad Epoll" Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android
Summary
Bad Epoll (CVE-2026-46242) is a use-after-free bug (a flaw where code tries to access memory that has already been freed) in the Linux kernel that allows ordinary users to gain root access on Linux desktops, servers, and Android devices. The vulnerability exists in the epoll feature, which programs use to monitor multiple files or network connections at once, and a researcher named Jaeyoung Chung created a working attack that succeeds about 99% of the time by carefully timing the exploitation of a very narrow window where two parts of the kernel interfere with each other.
Solution / Mitigation
Apply upstream commit a6dc643c6931, or install your distribution's backport when it lands. Kernels built on 6.4 or newer are affected unless they already have the fix. Older 6.1-based kernels, including some Android phones such as the Pixel 8, are not affected because the bug arrived in 6.4.
Classification
Affected Vendors
Original source: https://thehackernews.com/2026/07/new-bad-epoll-linux-kernel-flaw-lets.html
First tracked: July 3, 2026 at 08:01 PM
Classified by LLM (prompt v3) · confidence: 95%