Back to advisories

One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public

CVE-2026-23111 is a use-after-free in Linux kernel nf_tables code allowing unprivileged users to escalate to root and escape containers. Public exploits are now available. Unpatched systems with unprivileged user namespaces enabled are at immediate risk.

CRITICALAdvisoryJun 10, 2026

Action required

Identify and patch all Linux systems running vulnerable kernel versions. Prioritize systems with user namespaces enabled. If patching is delayed, disable unprivileged user namespaces as a temporary mitigation.

Affected products

Linux kernelUbuntuDebianRed HatSUSE

CVE IDs

Linked articles

One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public

Source links

https://thehackernews.com/2026/06/one-character-linux-kernel-flaw-enables.html