Tag

Cve 2026 46333

All articles tagged with #cve 2026 46333

Nine-Year-Old Linux Kernel Bug Lets Local Users Root on Major Distros
security, 5 days ago

Qualys disclosed CVE-2026-46333, a nine-year-old Linux kernel privilege-escalation flaw in __ptrace_may_access() that can let an unprivileged local user read /etc/shadow, access SSH private keys, and execute commands as root on Debian, Fedora, and Ubuntu. A PoC is available and patches have been released; mitigations include updating the kernel or setting kernel.yama.ptrace_scope=2 and rotating host keys.

New Linux kernel flaw lets unprivileged users steal SSH host keys
technology, 10 days ago

A Linux kernel information-disclosure flaw, CVE-2026-46333, dubbed ssh-keysign-pwn, lets unprivileged users read sensitive files such as SSH host keys and the shadow password file by abusing the ptrace check logic and the ssh-keysign helper. Patches have been released across multiple stable branches, but many distros haven’t rolled them out yet. Workarounds include tightening Yama ptrace restrictions or disabling host-based SSH authentication, though both can disrupt admin workflows. Users should update to patched kernels (e.g., 7.0.8, 6.18.31, 6.12.89, 6.6.139, 6.1.173, 5.15.207, 5.10.256) as soon as feasible; this is the fourth major Linux kernel flaw reported in recent weeks.