Critical Bad Epoll Vulnerability Allows Root Access on Linux and Android Devices

Critical Bad Epoll Vulnerability Allows Root Access on Linux and Android Devices

First seen 4 Jul 2026, 03:30 UTC ThehackernewsCybersecuritynews 74% similarity 67.5

Article Content

Browse articles
ThreatCluster

A newly disclosed Linux kernel vulnerability, identified as CVE-2026-46242, allows unprivileged local users to escalate privileges to root on Linux servers, desktops, and Android devices. Dubbed 'Bad Epoll', this flaw arises from a race condition and a use-after-free (UAF) in the kernel’s epoll subsystem, specifically in the ep_remove() function. The vulnerability was published on May 30, 2026, and poses a significant risk due to its potential for exploitation across multiple platforms. Users and administrators are advised to monitor for updates and apply necessary patches to mitigate risks. The flaw affects a wide range of Linux distributions and Android versions, making it critical for both server and mobile environments. Current status indicates that the vulnerability is known but not yet confirmed to be actively exploited in the wild.

Key Points: • CVE-2026-46242 allows unprivileged users to gain root access on Linux and Android. • The vulnerability stems from a race condition and use-after-free in the epoll subsystem. • Published on May 30, 2026, it affects various Linux distributions and Android devices.

ThreatCluster AI

Timeline

2026-05-30
CVE-2026-46242 published
A new Linux kernel vulnerability, 'Bad Epoll', was disclosed, allowing privilege escalation.
Cybersecuritynews
2026-07-03
Media coverage of Bad Epoll vulnerability
The Hacker News reported on the implications of the Bad Epoll flaw for Linux and Android users.
Thehackernews
2026-07-04
Current status of Bad Epoll vulnerability
As of today, the vulnerability is known but has not been confirmed as actively exploited.
Cybersecuritynews

Community

Browse all →