A bug introduced into the Linux kernel in November 2016 sat unnoticed for nine years. Qualys disclosed it on May 21, and the proof-of-concept exploit dropped within days. If you run Debian, Fedora, or Ubuntu on default settings, any unprivileged local user on your system can now become root and read your /etc/shadow file plus your SSH host private keys.

The CVE is CVE-2026-46333. The codename — and it’s a fitting one — is ssh-keysign-pwn.

What CVE-2026-46333 actually does

It’s a kernel-level privilege management flaw. The vulnerable code lives in the __ptrace_may_access() function, which decides whether one process is allowed to inspect another. When that decision goes wrong, the consequences are dramatic: any local user can hijack the memory of higher-privileged set-uid programs and use them to do things only root should be able to do.

CVSS comes in at 5.5, which sounds modest on paper. Don’t be fooled. Local privilege escalation flaws are routinely chained with low-impact remote bugs to turn web shells into full system takeover, and that’s exactly what this enables.

How an attacker uses it

Qualys identified four distinct attack paths using the same root cause. Each targets a different set-uid helper utility that ships on essentially every Linux desktop and server:

According to The Hacker News, Qualys described the primitive as “reliable” — meaning it works deterministically, not as a one-in-a-hundred race-condition gamble. That matters because it means automated exploit kits can package it into mass-exploitation tools.

The two scariest payloads:

  1. Read /etc/shadow. This file contains password hashes for every user on the system. With it, attackers can run offline cracking against your password policy at their leisure.
  2. Read SSH host private keys under /etc/ssh/*_key. These keys identify your server. With them, attackers can impersonate your server in man-in-the-middle attacks against anyone connecting via SSH.

And separately: arbitrary command execution as root. Once you’re root on a Linux box, you own everything on it.

Who is affected

The headline answer: nearly everyone running modern Linux on default settings.

Per Qualys’s advisory, the flaw was confirmed exploitable on default installations of Debian, Fedora, and Ubuntu. Because the bug lives in the upstream Linux kernel and was introduced almost a decade ago, every distribution that pulled from upstream during that window inherited the vulnerability. That includes practically every server, container image, and developer workstation you can think of.

The exploitation requires local access — meaning the attacker needs a shell on your machine, even if it’s an unprivileged one. That’s the only thing keeping this from being a worm-tier internet emergency.

But “local” is doing a lot of work in 2026. Shared hosting, multi-tenant Kubernetes nodes, CI runners, RDP/jump boxes, and any system with multiple human users all qualify. So does any system you’ve compromised at a lower privilege via a separate vulnerability — and that’s exactly how kernel privilege escalation bugs typically get used in the wild.

Why this took nine years to find

The vulnerable change went into the kernel in November 2016. From there it shipped across thousands of kernel releases and into millions of installations. Nobody caught it during code review, fuzzing, or the dozens of audits the kernel undergoes every year.

This isn’t unusual. Memory-management and process-isolation bugs are notoriously hard to spot because they require modeling the interaction between many subsystems at once. The kernel’s __ptrace_may_access() function looks straightforward in isolation. The bug only surfaces when you trace what happens when a privileged set-uid binary is the target of the access check, not the source.

Qualys’s Threat Research Unit found it through targeted auditing of privilege boundaries — the same team that has racked up several similar headline-grade kernel disclosures over the past few years.

What to do right now

Three things, in order of impact:

  1. Patch your kernel. All major distributions have published updates. Run apt update && apt upgrade on Debian/Ubuntu, dnf update kernel on Fedora. Reboot after.
  2. If you can’t patch immediately, raise kernel.yama.ptrace_scope to 2. This puts ptrace in admin-only mode, so only processes holding CAP_SYS_PTRACE can attach, which defeats the exploitation primitive. Run:
    echo "kernel.yama.ptrace_scope = 2" | sudo tee /etc/sysctl.d/99-ptrace.conf
    sudo sysctl --system

    Note that this may break legitimate debuggers like gdb attaching to running processes — fine for production servers, painful for developer workstations.

  3. If your system was exposed to potentially untrusted local users: rotate SSH host keys and audit set-uid process memory for unexpected changes. Treat the host keys as compromised if you can’t prove they weren’t accessed.
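
One way to confirm that step 2 took effect and will survive a reboot, as an added example (not code from Qualys or any distribution). The function names are hypothetical, and the persistence check is simplified to a single sysctl.d-style directory in which the lexically last assignment wins.

```shell
#!/bin/sh
# Added example: verify the ptrace_scope mitigation is live and persisted.
# Function names are hypothetical; paths are parameters so the checks can
# be pointed at a fixture directory instead of the real system.

# Classify the live Yama setting: 2 = admin-only attach, 3 = no attach.
ptrace_scope_status() {
    f="${1:-/proc/sys/kernel/yama/ptrace_scope}"
    [ -r "$f" ] || { echo "no-yama"; return 0; }
    v=$(tr -d '[:space:]' < "$f")
    case "$v" in
        2|3) echo "hardened" ;;
        0|1) echo "weak" ;;
        *)   echo "unknown" ;;
    esac
}

# Print the value that the last assignment found in DIR/*.conf would set.
# Assumption: one directory, files applied in lexical order, last one wins.
persisted_ptrace_scope() {
    dir="${1:-/etc/sysctl.d}"
    last=""
    for conf in "$dir"/*.conf; do
        [ -r "$conf" ] || continue
        # Commented-out lines do not match because the key must start the line.
        v=$(sed -n 's/^[[:space:]]*kernel\.yama\.ptrace_scope[[:space:]]*=[[:space:]]*\([0-9][0-9]*\).*/\1/p' "$conf" | tail -n 1)
        [ -n "$v" ] && last="$v"
    done
    echo "${last:-unset}"
}

# The mitigation counts only if the live value AND the persisted value are >= 2.
mitigation_ok() {
    [ "$(ptrace_scope_status "$1")" = "hardened" ] || return 1
    p=$(persisted_ptrace_scope "$2")
    [ "$p" != "unset" ] && [ "$p" -ge 2 ]
}

# Stand-alone run against the real paths.
if mitigation_ok; then
    echo "ptrace_scope mitigation: live and persisted"
else
    echo "ptrace_scope mitigation: NOT in place (live=$(ptrace_scope_status), persisted=$(persisted_ptrace_scope))"
fi
```

A "weak" live value alongside a persisted 2 usually means sysctl --system has not been run since the file was written; a persisted value below 2 means another drop-in file that sorts later is overriding 99-ptrace.conf.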

Container and cloud implications

Container hosts running multi-tenant workloads (anyone pre-Kubernetes-NodePool-isolation, basically) should treat this as urgent. A user breaking out of one container into the kernel can now reach root on the host. This applies to shared CI infrastructure, multi-customer SaaS workloads, and bare Kubernetes nodes without proper namespacing.

If you’re on managed Kubernetes (GKE, EKS, AKS), the cloud provider is responsible for patching the underlying node kernels. Check your provider’s status page for the patch rollout window. If you’re self-managing nodes, the patching is on you.

Frequently asked questions

Does CVE-2026-46333 allow remote attacks?

No. The vulnerability requires local shell access. An attacker first needs another way onto your system — through a stolen password, a web vulnerability, a phishing-installed reverse shell, or an existing low-privilege account.

Is there active exploitation in the wild?

A public proof-of-concept exploit was released shortly after the kernel commit landed in public view. That’s the typical precursor to in-the-wild exploitation, but at the time of writing widespread mass-exploitation has not been confirmed. Treat that as a “patch this week” cushion, not a green light.

Which Linux distributions are affected?

Qualys explicitly confirmed default installations of Debian, Fedora, and Ubuntu. Because the bug is upstream in the Linux kernel and shipped from November 2016 forward, virtually every distribution that follows upstream kernel releases is also affected. Check your distribution’s security advisory for the specific patched kernel version.

Do containers protect against this?

Not by default. Standard Docker or Linux containers share the host kernel. A user inside a container exploiting CVE-2026-46333 gets root on the host. Only gVisor, Kata Containers, or full-VM isolation (Firecracker, Cloud Hypervisor) protect against this class of bug.

Does macOS or Windows need to worry?

No. The bug is specific to the Linux kernel’s __ptrace_may_access() implementation. macOS and Windows have entirely different process-tracing subsystems.

What is the ptrace_scope mitigation actually doing?

Setting kernel.yama.ptrace_scope to 2 (admin-only ptrace) restricts the kernel’s process-inspection API so that only processes with explicit CAP_SYS_PTRACE capability can attach. This defeats the exploit’s primitive because the four attack vectors all rely on the unrestricted ptrace path. The trade-off: legitimate debugging workflows that rely on attaching to processes you didn’t start (like gdb -p <pid>) will stop working.

The bottom line

This is a “patch this week, no excuses” vulnerability. It’s not the apocalypse — the local-access requirement saves us from a full internet meltdown. But for anyone running shared infrastructure, multi-tenant containers, or systems with human user accounts, it’s a fast track from “low-privilege foothold” to “full root takeover.”

Update your kernels. Rotate your SSH host keys if you have any doubt about who’s had local access to your boxes. And remember that the next nine-year-old bug is sitting in the codebase right now waiting to be found.

Last updated: May 24, 2026.