E-Ink News Daily

Back to list

Bad Epoll (CVE-2026-46242)

Bad Epoll (CVE-2026-46242) is a critical race-condition use-after-free vulnerability in the Linux kernel's epoll subsystem, allowing unprivileged processes to escalate to root privileges. It is particularly significant because it can bypass Android security restrictions and Chrome's renderer sandbox, a feat achieved by Jaeyoung Chung in Google kernelCTF where it was reported as a 0-day.

Background

Google kernelCTF is a competition rewarding researchers for discovering and exploiting Linux kernel vulnerabilities, often highlighting flaws that affect both desktop and mobile environments like Android.

Source
Lobsters
Published
Jul 5, 2026 at 02:40 AM
Score
9.0 / 10