BTC $71,807
2026 Bull Run Is Building Start trading with 5% OFF all fees
Sign Up Now
BTC $71,807
Bull Run 2026 | 5% Off Fees Open your Binance account today
Sign Up

Linux ‘Bad Epoll’ Bug Grants Any User Root Access

  • A critical Linux kernel flaw, Bad Epoll (CVE-2026-46242), allows a standard user to gain full root control on desktops, servers, and Android.
  • The exploit leverages a narrow “use-after-free” race condition, which Anthropic‘s Mythos AI model missed after finding a sibling bug in the same code.
  • Researcher Jaeyoung Chung developed a reliable exploit, submitted it as a zero-day, and detailed the attack in a public writeup.
  • The bug stems from a 2023 code change and requires applying a specific upstream patch, as there is no workaround.

A newly disclosed Linux kernel flaw, discovered by researcher Jaeyoung Chung and dubbed Bad Epoll, lets ordinary users take complete root control of affected systems. This critical vulnerability, tracked as CVE-2026-46242, impacts Linux desktops, servers, and Android devices where a fix is now available.

- Advertisement -

Bad Epoll is a “use-after-free” race condition bug within the essential epoll subsystem. Consequently, an attacker can corrupt kernel memory to escalate privileges from a normal account to root. The exploit’s timing window is notoriously narrow, only about six machine instructions wide.

However, Chung’s proof-of-concept widens this window and achieves root access about 99% of the time. The bug is particularly dangerous as it can reportedly be triggered from within Chrome’s renderer sandbox and can reach Android. Chung submitted the flaw as a zero-day to Google’s kernelCTF program, with technical details in his public writeup.

This bug resides in the same kernel code where Anthropic‘s AI model, Mythos, recently found a different vulnerability, CVE-2026-43074. Anthropic has separately stated Mythos found Linux kernel privilege-escalation bugs, though it has not publicly linked that work to Bad Epoll.

Meanwhile, the flaw joins a family of similar Android-rooting bugs like Bad Binder and Bad IO_uring. It also arrives during a busy period for Linux privilege escalations, including Copy Fail (CVE-2026-31431) which is now on CISA’s Known Exploited Vulnerabilities list. A separate FUSE filesystem bug, CVE-2026-31694, also has a public proof-of-concept.

- Advertisement -

Bynario found the FUSE flaw, while Mythos also discovered and exploited a 17-year-old remote code execution bug in FreeBSD’s NFS server (CVE-2026-4747). Ultimately, Bad Epoll highlights the persistent difficulty of finding and fixing complex race conditions, even for advanced AI. For now, users must apply the upstream commit a6dc643c6931 or their distribution’s security update.

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -
Ad
Altseason Is Loading. Don't watch from the sidelines.
SOL $90.51
DOGE $0.0963
LINK $9.02
SUI $1.00
5% off fees when you sign up
Start Trading
Ad
Pay Less on Every Trade. For Life.
$10K/mo volume Save $60/yr
$50K/mo volume Save $300/yr
$100K/mo volume Save $600/yr
5% off all trading fees when you sign up
Claim Your Discount

Latest News

Crypto Bill Fails to Meet White House July 4 Deadline

The White House will miss its July 4 deadline for passing a cryptocurrency market...

Alphabet Undervalued Despite Record Growth, AI Push

Alphabet (GOOGL) stock is deemed undervalued despite record revenue and strong AI positioning, trading...

PamStealer Malware Targets MacOS Users, Steals Data

A new macOS malware, PamStealer, is actively targeting cryptocurrency users by stealing wallet data...

Bitcoin Rebound Above $61K Sparks Rally: What’s Next?

The cryptocurrency market is rebounding today, with Bitcoin trading above $61,000.The rally may be...

Wealthy Americans Flee to New Zealand Amid Property Price Slump

New Zealand property prices have hit a 3-year low, creating a buying opportunity.A reported...

Must Read

Symbiosis Crypto Bridge: Your Guide to Moving Assets Between Blockchains

What is a Cross-Chain Crypto Bridge?Why Choose Symbiosis for Your Cross-Chain Needs?Support for 50+ BlockchainsAutomatic Routing for the Best RatesNo Need for RegistrationDirect Wallet...
Ad
Altseason Is Loading. These 4 coins are trending right now.
SOL $92.12
DOGE $0.0950
LINK $9.02
SUI $1.02
5% off spot fees when you sign up
Start Trading