415.tech
AI & tech, from the frontlines of Silicon Valley
Single misplaced `!` in Linux nf_tables opens local root escalation — CVE-2026-23111

Single misplaced `!` in Linux nf_tables opens local root escalation — CVE-2026-23111

CVE-2026-23111 is a use-after-free in nf_tables — the Linux kernel's packet-filtering subsystem — triggered by a single misplaced exclamation point in the source; an unprivileged local process can exploit the corrupted verdict-deletion path to escalate to root. Patches are in development but not yet universally distributed, so every shared-compute or multi-tenant Linux host — cloud VMs, containerized workloads — stays exposed until the kernel is updated across the fleet.

Source: arstechnica.com

Post on XEmail

a single mis-issued exclamation point in code implementing nf_tables introduced a use-after-free

arstechnica.com

Why this matters

  • → Single typo in kernel code allows unprivileged users to gain root access
  • → Multi-tenant Linux systems (cloud VMs, containers) remain exploitable until patched
  • → Demonstrates how trivial source errors cascade into critical privilege escalation
One character, total compromise
Also in this edition