A new Linux kernel bug lets an ordinary, unprivileged user become root. It now hits Android too. Researchers have named it Bad Epoll. The Bad Epoll vulnerability carries the identifier CVE-2026-46242.
It is a direct attack on the rule of law,” says one European Parliament member of the new findings from Citizen Lab.