VMTech
+381 11 4150 20024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

9-year Linux kernel vulnerability (CVE-2026-46333) allows local root

9‑летняя уязвимость ядра Linux (CVE-2026-46333) позволяет получить root

Colleagues, a 9‑year vulnerability in the Linux kernel (CVE‑2026‑46333) has been disclosed, allowing a local user to gain root and read sensitive files.

- Summary: flaw in __ptrace_may_access(), introduced in 2016; discovered by Qualys; PoC published.
- Impact: exposure of /etc/shadow and SSH host keys; command execution via chage, ssh-keysign, pkexec, accounts-daemon.
- Mitigation: update the kernel; temporarily set kernel.yama.ptrace_scope=2; rotate host keys and audit credential caches.

Why it matters: risk of local privilege escalation and key compromise on mainstream distributions.

How will you respond?

#cybersecurity #Linux #vulnerabilities #infosec

Latest comments

No comments yet.