
[CIVN-2026-0357] Privilege escalation vulnerability in Linux kernel’s Eventpoll subsystem (Bad Epoll)
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256
Privilege escalation vulnerability in Linux kernel’s Eventpoll subsystem (Bad Epoll)
Indian – Computer Emergency Response Team (https://www.cert-in.org.in)
Severity Rating: HIGH
Software Affected
Linux Kernel versions 5.15.209 to 5.15.x
Linux Kernel versions 6.1.175 to 6.1.x
Linux Kernel versions 6.4 to 6.18.32
Linux Kernel versions 6.19 to 7.0.9
Overview
A vulnerability commonly referred to as ‘Bad Epoll’ has been reported in the Linux Kernel’s Eventpoll (epoll) subsystem that could allow a local authenticated attacker to escalate privileges on the targeted system.
Target Audience:
All organizations and individuals running affected versions of Linux Kernel.
Risk Assessment:
High risk of local privilege escalation, race condition, execute arbitrary code and memory corruption.
Impact Assessment:
Potential for privilege escalation, execute arbitrary code with kernel privileges, memory corruption, system compromise and disruption of affected systems.
Description
The Linux kernel is the core component of many operating systems, responsible for managing hardware resources and providing essential system services and memory management functionality.
The vulnerability exists in the Linux kernel Eventpoll (epoll) subsystem due to a use-after-free (UAF) condition in the ep_remove() function. An authenticated local attacker could exploit this race condition by triggering concurrent operations on affected kernel objects, causing memory corruption and obtaining elevated privileges.
Successful exploitation of this vulnerability could allow an authenticated local attacker to gain elevated privileges, potentially resulting in the complete compromise of the affected system.
Solution
Apply appropriate updates as mentioned by the vendor:
https://www.kernel.org/
Vendor Information
Linux Kernel
https://www.kernel.org/
References
https://www.kernel.org/
CVE Name
CVE-2026-46242
– —
Thanks and Regards,
CERT-In
Incident Response Help Desk
e-mail: incident@cert-in.org.in
Phone: +91-11-22902657
Toll Free Number: 1800-11-4949
Toll Free Fax : 1800-11-6969
Web: http://www.cert-in.org.in
PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4
PGP Key information:
https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS
Postal address:
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003
—–BEGIN PGP SIGNATURE—–
iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmpOX1wACgkQ3jCgcSdc
ys9KaRAAis8n9DDfC3KvuiuIDBitra2T8apfIjMO9xM2zynop3GPfCA2kw9oDpaT
pYA6SXYPlJtEyfksOt8CvLC+0wQUF2abE/r5j9wpAwPBKxjlzws4vDv0IqE+d0SZ
LsvThlWkZb1M9caY2oiIOScikhBxYSxWitWhZN/9OLSm6pLQvpsbi2CE2UvTsHr0
OX7AIzKYeqmtxxM+pizaf/tMS38SGKNzPOZnX6UMHOuLhscnbCnVylngUrS8YTeN
B3jbz5SqV1cutAhcnfcZnL2aFtQcm/pymMIDKzn5nZMR1fbh1LImbC9XaoQLVgrs
wF2943zGDtcasp3Kjl2+9hPluk6rHg9NIYRQUpiPxykxUUlYLqCSLk40Ew/dCxCn
PeY6Z0nNHGYKGE/el3bcsrP/Ru5NXm2AjhvL78r98Up30LajjEpJAQ4eCW+Lafyi
aIbkOssWFMZDe9wOuVFg2LD2vN4tf7544jMjnYnwOWYPT1h5Nfngx1BS+tmgwh8T
D4YjzBEt/xFcZ/ujKmQzEIFnjaMc4u4jNYmEAFUxn/uua5VSdQcD3M2voR/h527r
XaZyMTz+x92jD0LO+Q/uY8k/tWdHNUNISZUmoA8Y6CiJlRcV5REkwweE4jXHZp8d
aDgjMEd+diT7aP3ukJj9UiYL4OxC8d6djl2zOveoaGXZE02F7Yk=
=WKuu
—–END PGP SIGNATURE—–


