Bottom line: Kernel vulnerability CVE-2026-46331 allows local users to escalate privileges to root through the packet editing module with a publicly available exploit.
An out-of-bounds write vulnerability in the Linux kernel’s packet editing subsystem (act_pedit) allows unprivileged local attackers to gain root access by corrupting the page cache. A working exploit script was available just one day after the CVE was published on June 16, 2026.
CVE-2026-46331, also known as “pedit COW,” is an out-of-bounds write vulnerability in the Packet Editing Action module (act_pedit) of the Linux kernel. The flaw allows a locally authenticated attacker without elevated privileges to corrupt memory areas in the shared page cache and thereby obtain root access on the system.
The vulnerability was registered on June 16, 2026, and has a short exploitation latency: within 24 hours of CVE assignment, a functional, publicly available exploit script appeared. This underscores the risk of rapid exploitation in production environments.
Red Hat classified the vulnerability according to its severity. Affected systems should prioritize available kernel updates to prevent unauthorized root escalation by local attackers.
Source: thehackernews.com · Published June 26, 2026
Lumi AI News — AI-assisted curation in accordance with Article 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.7.1.