// #use-after-free
3 articles
Linux Kernel CVE-2026-23111: nf_tables Use-After-Free Enables Container Escape and Root Privilege Escalation
A use-after-free vulnerability in the Linux kernel's nf_tables netfilter subsystem allows unprivileged users to escalate to root and break container isolation. Public proof-of-concept code published 9 June makes this an immediate remediation priority across all major Linux distributions running kernel versions 5.15 through 6.10.
Linux Kernel nf_tables Use-After-Free CVE-2026-23231 Enables Privilege Escalation on Most Distributions
A use-after-free vulnerability in the Linux kernel's nf_tables netfilter subsystem allows a local attacker to escalate privileges to root on unpatched systems. CVE-2026-23231 affects kernels 5.14 through 6.9 and most major distributions including RHEL 9, Ubuntu 22.04/24.04, Debian 12, and SLES 15. Stable kernel patches are available and distribution security teams are issuing advisories.
Google Patches Fourth Chrome Zero-Day of 2026 — CVE-2026-5281 Use-After-Free in WebGPU
Google has patched CVE-2026-5281, a use-after-free vulnerability in Chrome's Dawn WebGPU implementation that is being actively exploited in the wild. This is the fourth Chrome zero-day exploited in attacks in 2026. CISA added it to the KEV catalogue on 1 April with a deadline of 15 April for federal agencies. Update to Chrome 146.0.7680.177/178.