Bad Epoll Linux Kernel UAF Race Condition: Public Root Exploit (99% success)
Key Questions
What is the Bad Epoll vulnerability?
It is a critical use-after-free race condition in the Linux epoll subsystem affecting kernels 6.4+ and Android 6.6+.
How effective is the public exploit for Bad Epoll?
The public root exploit achieves a 99% success rate by chaining epoll file descriptors to bypass the narrow race window.
What is notable about the Bad Epoll disclosure timeline?
There was a two-month gap between the initial report and the proper fix, which may indicate an operational security signal.
A critical kernel UAF race condition in Linux epoll (affects 6.4+ and Android 6.6+) with a public working exploit achieving root 99% of the time. The narrow race window is bypassed via chained epoll fds. Two-month gap between report and proper fix is a notable opsec signal. Must-know for Linux exploitation and red teaming.