A single character could be enough to let hackers crack your Linux kernel

1. Pro
2. Security

A single character could be enough to let hackers crack your Linux kernel News By Sead Fadilpašić published 9 June 2026

A logic inversion bug was recently found in Linux

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

(Image credit: Linux)

• Copy link
• Facebook
• X
• Whatsapp
• Reddit
• Pinterest
• Flipboard
• Threads
• Email

Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter

• Logic‑inversion bug in Linux kernel (CVE‑2026‑23111) enabled local privilege escalation
• Affected major distros including Debian, Ubuntu, and RHEL; fixes rolling out unevenly
• Discovery adds to surge of recent Linux LPEs as maintainers struggle with AI‑driven bug‑report overload

A single stray character sitting in the Linux kernel created a logic inversion bug that enabled privilege escalation, leading to a (theoretical) full device takeover.

The bug was discovered in early 2025 by security researcher Oliver Sieber from Exodus Intelligence, who later demonstrated a full working local root exploit, and is now tracked as CVE-2026-23111 and given a severity score of 7.8/10 (high).

According to TheHackerNews, the vulnerability is tied to the upstream Linux kernel, meaning it can affect many distributions that shipped a vulnerable kernel build. Specifically, Debian (Bookworm and Trixie, and in some instances Bullseye), Ubuntu (22.04 LTS, 24.04 LTS, and 25.10), and Red Hat Enterprise Linux 10 (RHEL 10) were confirmed to have been affected - with SUSE and Amazon Linux also being tracked or affected in general.

Latest Videos FromWatch full video here:

Multiple kernel flaws discovered

The caveat here is that a system is only exposed if it has a vulnerable kernel version (before the fix), nf_tables enabled, and unprivileged user namespaces enabled.

In the weeks and months following the disclosure, some distro maintainers came forward with a fix. Ubuntu, for example, now has fixes for 22.04, 24.04, and 25.10, while Debian fixed Bookworm and Trixie. There is also a 6.1 backport for Bullseye LTS. Red Hat, SUSE, and Amazon Linux don’t seem to have fixed it yet.

You may like

• Another major Linux security flaw revealed — nine-year old issue could spell disaster for users
• "Copy Fail" flaw impacts all Linux kernels released since 2017
• Another major Linux security issue uncovered - new Fragnesia flaw allows attackers to run malicious code as root

It’s been an eventful few weeks for the Linux kernel, as researchers discovered multiple local-root vulnerabilities. Copy Fail, Dirty Frag, Fragnesia, DirtyDecrypt, are just some of the major vulnerabilities that were discovered and fixed in recent times.

At the same time, the Linux allfather Linux Torvalds said the project’s security mailing list has become “almost entirely unmanageable” due to researchers using AI to find bugs, filing duplicate reports, essentially DDoS-ing those working to actually address them.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.The best antivirus for all budgetsOur top picks, based on real-world testing and comparisons

➡️ Read our full guide to the best antivirus1. Best overall:Bitdefender Total Security2. Best for families:Norton 360 with LifeLock3. Best for mobile:McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.

TOPICS Linux CATEGORIES Cyber Security Computing Security Computing Sead FadilpašićSocial Links Navigation

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

View More

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.

Logout Read more Security Another major Linux security flaw revealed — nine-year old issue could spell disaster for users    Security "Copy Fail" flaw impacts all Linux kernels released since 2017    Security Another major Linux security issue uncovered - new Fragnesia flaw allows attackers to run malicious code as root    Security Multiple Linux distros hit by major 'CIFSwitch' flaw that gives attackers root access    Security Another major Linux security flaw revealed — 'Dirty Frag' allows root on all major distros, with no patch or fix available yet    Security Experts propose Linux kernel "killswitch" following worrying recent security issues    Latest in Security Pro New iOS 27 Passwords app can automatically change your passwords for you    Security North Korean hackers are at it again — phishing scheme targets hundreds of workers to try and steal crypto and more    Security Check Point says VPN attacks caused by Qilin ransomware group    Security Microsoft disables over 70 GitHub repos after hackers compromised them with dangerous malware    Security Update Chrome now — Google patches new zero-day flaw already being exploited    Security US citizen pleads guilty to spying for the People's Republic of China    Latest in News Gaming Hold out for a little longer FromSoft fans — The Duskbloods will get a closed network test this summer, but a release date for the full game has yet to be announced    Gaming The rumors were true! The Legend of Zelda: Ocarina of Time 'will be reborn' on Nintendo Switch 2 this year    Pro The working class are rallying to oppose data centers at 5 times the rate of wealthy neighborhoods – the great unifier is helping workers punch up, and it's super effective    VPN Privacy & Security Russia’s solution to its VPN crackdown breaking the internet? A state-owned VPN    Software iOS 27 to introduce high-detail 3D imagery for Apple Maps Flyover    VPN Privacy & Security ‘Surveillance is not safety’ — UK’s device scanning order faces privacy backlash    LATEST ARTICLES

1. 1I spent a month with the ModRetro M64 — and I think there’s no better way to play your classic Nintendo 64 games
2. 2Spatial Reframing in iOS 27 might finally turn me into a photo pro — here’s how it works, and why it could be your iPhone’s secret storage weapon
3. 3Apple Maps has a huge iOS 27 upgrade on the way for Flyover that will help you ‘see cities around the world like never before’ — and users think it’s down to Gaussian Splatting, the next big 3D photography craze
4. 4North Korean hackers are at it again — phishing scheme targets hundreds of workers to try and steal crypto and more
5. 5Best World Cup 2026 eSIM deals — Stay connected from the opening game to the final whistle