High-severity vulnerability in Linux identified due to coding error

<p>Researchers have identified a high-severity vulnerability in the Linux operating system that allows untrusted users to escalate their privileges to root. This vulnerability is caused by a single character error within the kernel.</p><p>The vulnerability, designated as <a href="https://nvd.nist.gov/vuln/detail/CVE-2026-23111">CVE-2026-23111</a>, is found in nf_tables, a subsystem of the Linux kernel responsible for packet filtering. This subsystem manages firewall rules and replaces older systems such as iptables, ip6tables, arptables, and ebtables.</p><p>The issue arises from a mis-issued exclamation point in the code for nf_tables, which has led to a use-after-free vulnerability. This type of vulnerability can corrupt memory by allowing malicious code to be executed at memory addresses that have not been properly cleared. An unprivileged user or process can exploit CVE-2026-23111 to gain root access to the system.</p>