MEDIUMVulnerability
Global

New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries

·Source: The Hacker News

Updated:

Executive Summary

A flaw in the Linux kernel's traffic-control subsystem can let a local unprivileged user gain root on affected systems. CVE-2026-46331, nicknamed "pedit COW," is an out-of-bounds write in the packet-editing action (act_pedit) that corrupts shared page-cache memory. A public, working exploit appeared within a day of the CVE assignment on June 16. Red Hat rates the flaw as

Analysis

A flaw in the Linux kernel's traffic-control subsystem can let a local unprivileged user gain root on affected systems. CVE-2026-46331, nicknamed "pedit COW," is an out-of-bounds write in the packet-editing action (act_pedit) that corrupts shared page-cache memory. A public, working exploit appeared within a day of the CVE assignment on June 16. Red Hat rates the flaw as

Indicators of Compromise (1)

CVE (1)
CVE-2026-46331
Source Attribution

Originally published by The Hacker News on Jun 26, 2026.

Related Threats