New Linux 'pedit COW' Exploit Grants Root Access by Poisoning Cached Binaries
CVE-2026-46331, dubbed 'pedit COW,' is a critical Linux kernel vulnerability in the act_pedit traffic-control subsystem that lets local attackers gain root by corrupting page-cache memory without touching disk.

A critical vulnerability in the Linux kernel's traffic-control subsystem, tracked as CVE-2026-46331 and nicknamed "pedit COW," allows a local unprivileged attacker to gain root access by corrupting shared page-cache memory. A public, working exploit was released within a day of the CVE assignment on June 16, and Red Hat has rated the flaw as important. The exploit never modifies files on disk, making it invisible to traditional file-integrity checks.
The vulnerability is an out-of-bounds write in the packet-editing action (act_pedit) of the kernel's traffic-control (tc) subsystem. The kernel function tcf_pedit_act() is supposed to make a private copy of data before editing it, following the standard copy-on-write pattern. However, it checks the writable range only once, before the final offsets are known. Some edit keys resolve their offset at runtime, and when that happens, the write lands outside the privately copied region, modifying a shared page-cache page instead. If that page belongs to a cached file, the file's in-memory image is corrupted.
The exploit poisons the cached copy of a setuid root binary (such as /bin/su) in memory, injects a small payload, and runs that altered image as root. File-integrity checks come back clean while a root shell is already open. The exploit requires two conditions: act_pedit must be loadable, and unprivileged user namespaces must be enabled, giving the attacker the namespace-local networking capability (CAP_NET_ADMIN) needed to trigger the bug. On tested RHEL and Debian targets, both conditions were present.
This pattern is familiar to security researchers. Dirty Pipe, Copy Fail, DirtyClone, and Dirty Frag all share the same shape: a kernel fast path writes into a page it does not exclusively own, and the page cache takes the hit. What is new here is the entry point. An unprivileged user can configure tc actions from inside a user namespace, which grants the CAP_NET_ADMIN that the exploit needs.
The PoC author reported unprivileged-to-root exploitation on RHEL 10 and Debian 13 (trixie), where unprivileged user namespaces are open by default. Ubuntu 24.04 required routing execution through AppArmor profiles that still permit user namespaces, while Ubuntu 26.04 blocks that path by default because its AppArmor profiles restrict unprivileged user namespaces, though the underlying kernel remains vulnerable.
Fixes are split by vendor. Debian has fixed trixie through its security channel, but Debian 11 and 12 are still listed as vulnerable. Ubuntu lists supported releases from 18.04 through 26.04 as vulnerable as of June 25. Red Hat lists RHEL 8, 9, and 10 as affected; RHEL 7 is not listed in the bulletin. Administrators should install the patched kernel and reboot immediately, prioritizing multi-tenant hosts, CI/CD runners, Kubernetes nodes, build workers, and shared research or lab machines.
If patching is not immediately possible, two mitigations can break the exploit chain. On systems that do not need tc pedit rules, administrators can block the act_pedit module from loading. Alternatively, disabling unprivileged user namespaces removes the namespace-local capability the exploit needs, but this breaks rootless containers, some CI sandboxes, and sandboxed browsers. Because the overwrite targets cached memory, file-integrity checks may not catch it. Dropping the page cache clears the poisoned in-memory copy but does nothing about the root shell the attacker already opened — treat the host as compromised.
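The two exploit preconditions and their mitigations can be audited per host. The shell script below is an added example, not part of the original article or any vendor tooling. As assumptions the article does not name, it reads only /etc/modprobe.d and three sysctls (user.max_user_namespaces, kernel.unprivileged_userns_clone, kernel.apparmor_restrict_unprivileged_userns), and it does not check whether the kernel itself is patched.

```shell
#!/bin/sh
# Added example: report whether the two preconditions named above are present.
# Pass a directory as $1 to audit a constructed tree instead of the live host.

# Prints "loaded", "blocked" or "loadable" for the act_pedit module.
pedit_state() {
    root=${1:-}
    if grep -qs '^act_pedit ' "$root/proc/modules"; then
        echo loaded        # already in the kernel; a modprobe rule no longer helps
    # Only an "install" override stops an explicit load; "blacklist" alone does not.
    elif grep -Eqs '^[[:space:]]*install[[:space:]]+act_pedit[[:space:]]+(/usr)?/bin/(false|true)' \
            "$root"/etc/modprobe.d/*.conf; then
        echo blocked
    else
        echo loadable
    fi
}

# Prints "disabled", "restricted" (AppArmor-gated) or "open" for unprivileged userns.
userns_state() {
    root=${1:-}
    max=$(cat "$root/proc/sys/user/max_user_namespaces" 2>/dev/null || echo unknown)
    # Debian-family knob; absent on other kernels, where creation is not gated by it.
    clone=$(cat "$root/proc/sys/kernel/unprivileged_userns_clone" 2>/dev/null || echo 1)
    # Ubuntu knob; 1 means only AppArmor-permitted profiles may create userns.
    aa=$(cat "$root/proc/sys/kernel/apparmor_restrict_unprivileged_userns" 2>/dev/null || echo 0)
    if [ "$max" = 0 ] || [ "$clone" = 0 ]; then echo disabled
    elif [ "$aa" = 1 ]; then echo restricted
    else echo open
    fi
}

# Combines both checks into one verdict line for fleet reporting.
pedit_cow_exposure() {
    p=$(pedit_state "${1:-}"); u=$(userns_state "${1:-}")
    if [ "$p" = blocked ] || [ "$u" = disabled ]; then verdict=mitigated
    elif [ "$u" = restricted ]; then verdict=reduced
    else verdict=exposed
    fi
    echo "$verdict pedit=$p userns=$u"
}

pedit_cow_exposure "${AUDIT_ROOT:-}"   # live host unless AUDIT_ROOT is set
```

A "mitigated" verdict describes configuration only; a host that was "exposed" before the change still needs the compromise assessment described above.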
The fix landed on the netdev mailing list in late May, framed as a routine data-corruption patch. The exploitable detail sat on a public mailing list for weeks without a CVE or security warning. The CVE was assigned when the fix was merged on June 16, and the weaponized proof-of-concept followed within a day. For kernel page-cache corruption bugs, waiting for a scanner rule is too slow.
The article provides additional details on the exploit's verification against RHEL 10, Debian 13, and Ubuntu 24.04, noting that Ubuntu 26.04 blocks the attack via tightened AppArmor restrictions. It also includes a mitigation reference to Red Hat's security bulletin RHSB-2026-008 and recommends restricting unprivileged user namespaces.