    New “Bad Epoll” Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android

    By admin, July 3, 2026

    A newly disclosed Linux kernel flaw called Bad Epoll (CVE-2026-46242) lets an ordinary user with no special access take full control of a machine as root. It affects Linux desktops, servers, and Android, and a fix is out.

    Bad Epoll sits in the same small stretch of kernel code where Anthropic’s most powerful AI model, Mythos, recently found a different bug.

    The AI caught one flaw and missed this one. A researcher, Jaeyoung Chung, found it and built a working attack.

    How the Bug Works

    Epoll is a standard Linux feature that lets a program watch many files or network connections at once. Servers, network services, and web browsers all lean on it. You cannot simply switch it off.

    Bad Epoll is a “use-after-free” bug. Two parts of the kernel try to clean up the same internal object at the same time. One frees the memory while the other is still writing into it. That brief collision lets an attacker corrupt kernel memory, then climb from a normal account up to root.

    The catch is timing. The window where the two paths collide is only about six machine instructions wide, so a random attempt almost never lands in it. Chung’s exploit widens that window and retries without crashing, reaching root about 99% of the time on tested systems.

    Two things make it more dangerous: by his account, it can be triggered from inside Chrome’s renderer sandbox, which blocks almost every other kernel bug, and it can reach Android, which most Linux privilege bugs cannot.

    Chung submitted the flaw as a zero-day to Google’s kernelCTF program, and full technical details are in his public writeup. There is no sign it has been used in real attacks: as of this writing, it is not on CISA’s Known Exploited Vulnerabilities list, and the only working code is that kernelCTF proof of concept. An Android version of the exploit is still in progress.

    Both bugs trace back to a single 2023 change to the epoll code. Chung says Mythos found the first of the two, now tracked as CVE-2026-43074, with a fix landing earlier in 2026.

    Anthropic has separately said Mythos found Linux kernel privilege-escalation bugs, though it has not publicly linked that work to Bad Epoll. Finding the first one was a real result, because race-condition bugs are notoriously hard to spot.

    So why did the same AI miss the sibling flaw? Chung offers two likely reasons and is careful to say no one can be sure.

    • First, the timing window is tiny, so the exact sequence of events is hard to picture even while staring at the code.
    • Second, there is little evidence at runtime.

    Once the first bug is patched, Bad Epoll’s memory error usually does not trip KASAN, the kernel’s main bug detector, so nothing flags that something is wrong.

    Epoll cannot be turned off, so there is no workaround. Apply upstream commit a6dc643c6931, or install your distribution’s backport when it lands. Kernels built on 6.4 or newer are affected unless they already have the fix.

    Older 6.1-based kernels, including some Android phones such as the Pixel 8, are not, because the bug arrived in 6.4.
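
    The 6.4 boundary above can be turned into a quick fleet triage. The script below is an added example, not code from the article, the researcher, or the kernel project; the status labels, function names, and sample inventory are constructed for illustration. A "verify-fix" result means only that the version is in the affected range, since a release string cannot show whether the fix or a distribution backport is present.

```shell
#!/bin/sh
# Added example: classify kernel release strings against the article's
# statement that the bug arrived in 6.4 (older bases are not affected).

# bad_epoll_status RELEASE   (RELEASE as printed by `uname -r`)
# Prints: pre-6.4 | verify-fix | unparsed
bad_epoll_status() {
    be_ver=${1%%-*}                    # drop "-45-generic", "-android14-11", ...
    case $be_ver in
        *.*) ;;                        # need at least MAJOR.MINOR
        *) echo unparsed; return 0 ;;
    esac
    be_major=${be_ver%%.*}
    be_minor=${be_ver#*.}
    be_minor=${be_minor%%[!0-9]*}      # "12.3" -> "12", "4+" -> "4"
    case $be_major in ''|*[!0-9]*) echo unparsed; return 0 ;; esac
    case $be_minor in '') echo unparsed; return 0 ;; esac
    if [ "$be_major" -gt 6 ] || { [ "$be_major" -eq 6 ] && [ "$be_minor" -ge 4 ]; }; then
        echo verify-fix                # in range: confirm the fix or backport is installed
    else
        echo pre-6.4                   # base predates the change that introduced the bug
    fi
}

# triage_inventory: reads "HOST RELEASE" lines on stdin,
# prints "HOST RELEASE STATUS" for each.
triage_inventory() {
    while read -r ti_host ti_rel; do
        [ -n "$ti_host" ] || continue
        printf '%s %s %s\n' "$ti_host" "$ti_rel" "$(bad_epoll_status "$ti_rel")"
    done
}

# Constructed sample inventory (hostnames and releases are made up).
SAMPLE_INVENTORY='web01 6.8.0-45-generic
db02 5.15.0-119-generic
phone-a 6.1.75-android14-11
build03 6.12.3
edge04 custom-kernel'

printf '%s\n' "$SAMPLE_INVENTORY" | triage_inventory
echo "this host: $(uname -r) -> $(bad_epoll_status "$(uname -r)")"
```

    Hosts reported as "verify-fix" still need their vendor's changelog or advisory checked for the fix, and "unparsed" entries need manual review.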

    A Bad Year for the Linux Kernel

    Bad Epoll joins a well-known family of kernel bugs used to root Android, following earlier entries called Bad Binder, Bad IO_uring, and Bad Spin.

    It also lands in a busy stretch for Linux privilege flaws, though most of the recent ones work differently. Copy Fail (CVE-2026-31431) landed in April and is now on CISA’s Known Exploited Vulnerabilities list. The Dirty Frag chain, Fragnesia, DirtyClone, and pedit COW came after it.

    Both are deterministic page-cache-write bugs, like Dirty Pipe (2022), with no race to win, which makes them far more reliable to run. Bad Epoll is the older, harder kind: a race you have to win, like Dirty Cow (2016).

    A public proof-of-concept has also appeared for CVE-2026-31694, a separate flaw in the kernel’s FUSE filesystem code, found by the AI-driven research firm Bynario. A local user with FUSE access can feed the kernel a malicious filesystem and corrupt memory.

    Depending on the setup, that can mean root access, data leaks, or a crash. Because that access is common in containers and user namespaces, it lands more as a server and container risk than a phone one.

    Bynario is not the only one. Mythos also found and exploited a 17-year-old remote code execution bug in FreeBSD’s NFS server (CVE-2026-4747), and Anthropic researchers have used its models to surface other kernel flaws.

    Bad Epoll is a useful counterpoint. It shows that race conditions are hard at every stage: hard to find, even for a leading AI; hard to fix, since the first patch fell short and a correct one took about two months; and hard to exploit, through a window only six instructions wide. For now, the bug an AI walks past is still the one a person has to catch.
