# Proof-of-Concept Exploit Released for Linux 'Bad Epoll' Root Access Vulnerability

_Monday, July 6, 2026 at 8:00 AM EDT · Security · Latest · Tier 2 — Notable_

![Proof-of-Concept Exploit Released for Linux 'Bad Epoll' Root Access Vulnerability — Primary](https://www.securityweek.com/wp-content/uploads/2026/05/Linux-vulnerability-malware.jpeg)

A proof-of-concept exploit has been released for a Linux kernel vulnerability that allows unprivileged users to gain root access on desktops, servers and Android phones, SecurityWeek reported. The flaw, tracked as CVE-2026-46242 and dubbed Bad Epoll, is a race condition combined with a use-after-free in the kernel's epoll event notification subsystem. Researcher Jaeyoung Chung published technical details and working exploit code after submitting the issue as a zero-day to Google's kernelCTF program. The PoC achieves root privileges by leaking kernel memory, hijacking an indirect call to control the CPU instruction pointer and executing a return-oriented programming chain. The exploit reached about 99 percent reliability on tested systems. Organizations are urged to apply available patches. No confirmed exploitation in the wild has been reported. An Android version of the full exploit remains in development.

## Sources

- [SecurityWeek](https://www.securityweek.com/proof-of-concept-exploit-released-for-linux-bad-epoll-root-access-vulnerability/)

---
Canonical: https://techandbusiness.org/newswire/aD45H1NEbb1bqELwluWfYL
Retrieved: 2026-07-06T22:54:22.968Z
Publisher: Tech & Business (techandbusiness.org)
