
The Qualys Threat Research Unit (TRU) has released the full advisory for CVE-2026-46333, a logic flaw in the Linux kernel's __ptrace_may_access() function that lets an unprivileged local user disclose sensitive files and execute arbitrary commands as root on default installations of several major Linux distributions. The bug has been sitting quietly in mainline Linux since November 2016 — nearly nine years.
This marks the fourth Linux kernel security issue demanding emergency attention in just three weeks, following Copy Fail (April 29), Dirty Frag (May 7), and Fragnesia (May 13). At this rate, Linux administrators aren't patching vulnerabilities anymore — they're running a triage ward.
What the Bug Actually Does
TRU identified a narrow timing window in which a privileged process that is dropping its credentials remains reachable through ptrace-family operations (a set of kernel interfaces used for process inspection and debugging), even though its dumpable flag should have closed that path. By pairing this window with pidfd_getfd() — a syscall that lets one process grab file descriptors from another — an attacker can essentially pickpocket a dying privileged process before it finishes cleaning up.
The proof-of-concept races against ssh-keysign, a setuid binary that ships on every Linux system with OpenSSH installed. During its brief lifetime, ssh-keysign holds the SSH host private key files open as root. The exploit races against its exit, calls pidfd_getfd on its file descriptor table, and steals the open handles to /etc/ssh/ssh_host_ecdsa_key, ssh_host_ed25519_key, and ssh_host_rsa_key. A second variant targets chage — another setuid binary — and steals the open handle to /etc/shadow, which contains every user's password hash on the system.
Qualys built four working exploits in total — targeting chage, ssh-keysign, pkexec, and accounts-daemon — confirming root command execution or credential theft across default installs of Debian 13, Ubuntu 24.04, Ubuntu 26.04, Fedora 43, and Fedora 44.
Why "Local-Only" Doesn't Mean Low Priority
The bug matters because modern intrusions rarely stop at the first foothold. A web RCE running as www-data, a compromised CI job, a stolen developer shell account, an abused shared-hosting account, or a container workload with access to the host kernel may not start as root. A local kernel bug that reads root-owned secrets can turn that foothold into credential theft, host impersonation, password hash cracking, lateral movement, or a stronger privilege-escalation path.
In a shared-hosting environment, the distinction between credential disclosure and direct root is one without much practical difference — either of those files gets an attacker the rest of the way trivially.
What to Do Right Now
The fix is Linus Torvalds's upstream commit 31e62c2ebbfd — already backported by Debian, Fedora, Red Hat, SUSE, AlmaLinux, CloudLinux, and others. Three concrete steps:
1. Patch and reboot. Install your distribution's updated kernel and actually reboot — installing the package without rebooting leaves the vulnerable kernel still running.
2. Apply the interim mitigation if patching must wait. Raise kernel.yama.ptrace_scope to 2 via sysctl. This blocks the public exploits since their pidfd_getfd path is gated by __ptrace_may_access(). Be aware: this breaks non-root use of gdb -p, strace -p, and some container debug tooling, and the setting cannot be lowered without a reboot.
3. Treat SSH host keys as potentially compromised. If your host allowed untrusted local users during the exposure window, rotate SSH host keys and review any administrative material that lived in the memory of set-uid processes. Silent credential theft is the scariest part of this bug — there's no reliable way to prove after the fact that nothing was exfiltrated.
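An added audit helper for steps 1 and 2 above (my code, not Qualys's or any distribution's): it reports whether the Yama ptrace_scope is at the level the advisory calls for and whether a newer kernel is installed but not yet booted. It assumes installed kernels can be listed from /lib/modules; the function names are mine.

```sh
#!/bin/sh
# Added audit helper, not from the Qualys advisory or any distribution.
# Covers the advisory's steps 1 and 2: is Yama ptrace_scope at the
# recommended level, and is a newer kernel installed but not yet booted?
# Installed kernels are read from /lib/modules (assumption: holds on most
# distros; substitute your package manager's query if it does not).
# ptrace_scope_status VALUE -> "mitigated" for 2 or 3, "unmitigated" for 0 or 1
ptrace_scope_status() {
  case "$1" in
    2|3) echo mitigated ;;
    0|1) echo unmitigated ;;   # below the 2 the advisory calls for
    *)   echo unknown; return 1 ;;
  esac
}
# vercmp A B -> -1, 0 or 1, comparing numeric fields split on '.' and '-';
# non-numeric fields such as "amd64" or "generic" count as 0
vercmp() {
  awk -v a="$1" -v b="$2" 'BEGIN {
    n = split(a, x, /[.-]/); m = split(b, y, /[.-]/)
    for (i = 1; i <= (n > m ? n : m); i++) {
      p = (i <= n) ? x[i] + 0 : 0; q = (i <= m) ? y[i] + 0 : 0
      if (p < q) { print "-1"; exit }
      if (p > q) { print "1"; exit }
    }
    print "0" }'
}
# kernel_state RUNNING INSTALLED... -> "reboot-needed" if any installed
# kernel is newer than the running one, else "current"
kernel_state() {
  running=$1; shift
  for k in "$@"; do
    [ "$(vercmp "$k" "$running")" -eq 1 ] && { echo reboot-needed; return 0; }
  done
  echo current
}
# audit_host: live check of this machine; always returns 0 so it can sit in
# a cron job or config-management fact without failing the run
audit_host() {
  f=/proc/sys/kernel/yama/ptrace_scope
  if [ -r "$f" ]; then
    echo "ptrace_scope=$(cat "$f") -> $(ptrace_scope_status "$(cat "$f")")"
  else
    echo "ptrace_scope: Yama not available (CONFIG_SECURITY_YAMA off or no /proc)"
  fi
  # word-splitting the /lib/modules listing into arguments is intended
  echo "kernel $(uname -r) -> $(kernel_state "$(uname -r)" $(ls /lib/modules 2>/dev/null))"
  return 0
}
audit_host
```

A "reboot-needed" result means the patched package is on disk but the vulnerable kernel is still the one running, which is exactly the state step 1 warns about.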
Working public exploits are already circulating. The window for being ahead of this one is closing fast.