https://hackingpassion.com/tags/cve-2026-23111/Recent content in Cve-2026-23111 on HackingPassion.com : root@HackingPassion.com-[~]HugoenTue, 09 Jun 2026 14:54:56 +0200https://hackingpassion.com/nftables-root-use-after-free/Tue, 09 Jun 2026 14:54:56 +0200https://hackingpassion.com/nftables-root-use-after-free/<p>One extra character in the Linux kernel hands a normal user root. A single <code>!</code> that does not belong inside nftables, the firewall built into Debian and Ubuntu by default, flips a check the wrong way so a local user with no special rights can become root and break out of a container. It was patched months ago, and the working exploits are now public.</p> <p>The flaw carries the name <strong>CVE-2026-23111</strong>. The kernel maintainers fixed it on the fifth of February, and for four months it stayed a quiet line in a changelog. What changed is that the people who cracked it started showing exactly how. Exodus Intelligence published a full technical walkthrough on the eighth of June, and they were not the first to get there. A team at FuzzingLabs had already rebuilt the exploit on their own back in April, while preparing for Pwn2Own Berlin, a hacking competition.</p>