CyberSecurityBoardThreat Intel · CVEs · Products
Critical CVEs

CVE-2026-46242: Bad Epoll Linux Kernel Use-After-Free Vulnerability

July 3, 2026

A use-after-free vulnerability in the Linux kernel's epoll subsystem, discovered by Jaeyoung Chung, allows unprivileged local users to escalate privileges to root. Affects kernel versions 6.4 and newer, including Android. Exploit achieves ~99% success rate. Fixed in upstream commit a6dc643c6931.