DigiNews

Tech Watch by Johan Denoyer

← Back to articles

19+ Years Hidden, $80,000+ Rewarded: Reporting a Linux Kernel Zero-Day for Google kernelCTF: CVE-2026-43456

Quality: 8/10 Relevance: 9/10

Summary

Two researchers reported CVE-2026-43456, a Linux kernel vulnerability in net/bonding that remained undiscovered for 19 years and can be exploited with high reliability. The post details the root cause, exploit approach, and a Google kernelCTF bug bounty award over $80k. It also covers mitigations and the broader implications for kernel security and patch timelines.

🚀 Service construit par Johan Denoyer