A flaw in the Linux kernel's traffic-control subsystem can let a local unprivileged user gain root on affected systems. The vulnerability, nicknamed pedit COW, is tracked as CVE-2026-46331. It's an out-of-bounds write in the packet-editing action (act_pedit) that corrupts shared page-cache memory.
A public, working exploit appeared within a day of the CVE assignment on June 16. Red Hat rates the flaw as important.
The exploit never touches the file on disk. It poisons the cached copy of a setuid root binary (/bin/su) in memory, injects a small payload, and runs that altered image as root. File-integrity checks come back clean while a root shell is already open.
The Requirements
The pedit COW Linux kernel privilege escalation exploit needs two things:
1. act_pedit must be loadable. The packet-editing action module must be available on the system.
2. Unprivileged user namespaces must be open. This gives the attacker a namespace-local networking capability (CAP_NET_ADMIN) needed to trigger the bug.
On the tested RHEL and Debian targets, both conditions were present.
How the Bug Works
Linux's tc traffic-control tool can rewrite packet headers in flight using an action called pedit. The kernel function that does this, tcf_pedit_act(), is supposed to make a private copy of the data before editing it. That's the standard copy-on-write pattern.
But it checked the writable range once, before the final offsets were known. Some edit keys only resolve their offset at runtime. When that happens, the write lands outside the privately copied region. The kernel modifies a shared page-cache page instead of a private copy. If that page belongs to a cached file, the file's in-memory image is corrupted.
The pattern is familiar. Dirty Pipe, Copy Fail, DirtyClone, and Dirty Frag all share the same shape: a kernel fast path writes into a page it does not exclusively own, and the page cache takes the hit.
What is new here is the entry point. An unprivileged user can configure tc actions from inside a user namespace, which gives them the CAP_NET_ADMIN that the exploit needs.
Affected Systems
The PoC author reported unprivileged-to-root exploitation on RHEL 10 and Debian 13 (trixie), where unprivileged user namespaces are open by default.
Ubuntu 24.04 required routing execution through AppArmor profiles that still permit user namespaces.
Ubuntu 26.04 blocks that path by default because its AppArmor profiles restrict unprivileged user namespaces, though the underlying kernel remains vulnerable.
Fixes are split by vendor:
1. Debian: Trixie patched through security patch. Version numbers vulnerable are Debian 11 & 12.
2. Ubuntu: Vulnerability listed on versions 18.04 – 26.04 as of June 25th.
3. Red Hat: RHEL 8, 9, & 10 are listed as being vulnerable. RHEL 7 version is not listed as being vulnerable.
What to Do
Install the patched kernel and reboot. Prioritize systems where "local user" does not mean trusted user: multi-tenant hosts, CI/CD runners, Kubernetes nodes, build workers, and shared research or lab machines.
If you cannot patch yet, two mitigations kill the exploit chain:
1. Disable act_pedit. On systems that do not need tc pedit rules, check whether the module is in use:
lsmod | grep act_pedit
Then block it from loading:
echo 'install act_pedit /bin/true' | sudo tee /etc/modprobe.d/disable-act_pedit.conf2. Disable unprivileged user namespaces. This removes the namespace-local capability the exploit needs:
RHEL:
user.max_user_namespaces=0
Debian/Ubuntu:
kernel.unprivileged_userns_clone=0
This breaks rootless containers, some CI sandboxes, and sandboxed browsers. Test first.
The Cleanup Problem
Because the overwrite targets cached memory, file-integrity checks may not catch it. Dropping the page cache clears the poisoned in-memory copy:
echo 3 > /proc/sys/vm/drop_caches
But this does nothing about the root shell the attacker already opened. Treat the host as compromised.
The Timeline
The fix landed on the netdev mailing list in late May, framed as a routine data-corruption patch. The exploitable detail sat on a public mailing list for weeks. No CVE. No security warning.
The CVE was assigned when the fix was merged on June 16. The weaponized proof-of-concept followed within a day.
For kernel page-cache corruption bugs, waiting for a scanner rule is too slow.
The Bottom Line
The pedit COW Linux kernel privilege escalation flaw is the latest in a long line of page-cache corruption vulnerabilities. It follows the same pattern as Dirty Pipe, DirtyClone, and Dirty Frag. The entry point is different, but the result is the same: an unprivileged user can corrupt a setuid binary and gain root.
Patch now. If you can't patch, disable act_pedit or unprivileged user namespaces. And remember: file-integrity checks won't save you from a poisoned page cache.
FAQ Section
What is pedit COW?
pedit COW (CVE-2026-46331) is a Linux kernel privilege escalation flaw. It's an out-of-bounds write in the packet-editing action (act_pedit) that corrupts shared page-cache memory.
How does the exploit work?
The exploit corrupts the cached copy of a setuid root binary (/bin/su) in memory, injects a small payload, and runs that altered image as root.
Which systems are affected?
RHEL 8, 9, and 10; Debian 13 (trixie); and Ubuntu 18.04 through 26.04 are affected. Debian 11 and 12 remain vulnerable.
What are the prerequisites for exploitation?
act_pedit must be loadable, and unprivileged user namespaces must be open. Both conditions are present on default RHEL and Debian installations.
How do I patch?
Install the patched kernel from your distribution and reboot. Check your vendor's advisory for specific version information.
What if I can't patch immediately?
Disable act_pedit or disable unprivileged user namespaces. Both break certain functionality, so test first.
