A critical privilege escalation vulnerability (CVE-2026-46215) exists in the Linux DRM GEM subsystem due to a use-after-free race condition in the change_handle ioctl. This flaw allows any local user with access to a render node to gain unprivileged root access by exploiting the handle count mismatch during object transfer.
Background
The Linux Kernel DRM (Direct Rendering Manager) subsystem manages graphics hardware, and recent updates have addressed several high-severity local privilege escalation bugs affecting desktop distributions.
- Source
- Lobsters
- Published
- Jun 30, 2026 at 02:05 AM
- Score
- 9.0 / 10