Blog on AlmaLinux

ssh-keysign-pwn (CVE-2026-46333): Patched kernels available in testing (opens in new tab)

Covers 4 stories See all stories this covers including 0xdeadbeefnetwork/ssh-keysign-pwn: Steal SSH host private keys and /etc/shadow via the ptrace_may_access mm-NULL bypass + pidfd_getfd. Pre-31e62c2ebbfd kernels.Covered by 5 sources See all sources covering this story including ZDNET, The Hacker News

If you’re keeping a tally at home, this is the fourth local-root Linux kernel disclosure we have written about in roughly two weeks. At this rate the AlmaLinux build servers and core team are going to start getting hazard pay. The new flaw is tracked as CVE-2026-46333, and is being called ssh-keysign-pwn after one of the two public exploits. Qualys reported the underlying bug to security@kernel.org and Linus pushed the fix on 2026-05-14 in commit 31e62c2ebbfd. Hours later, “_SiCk” published t...

Read the original article
Sign in to keep reading the full article.
Sign UpLog In

Covered in 5 articles

ZDNET·

The 4th Linux kernel flaw this month can lead to stolen SSH host keys

Discussed on Hacker News
Feeds
The Hacker News·

DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability

Feeds
Security Affairs·

DirtyDecrypt: PoC Released for yet another Linux flaw

Feeds
View all 5 ›

Keyboard Shortcuts

Navigation

Next / previous post
j/k
Open post
oorEnter
Preview post
v

Post Actions

Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Save / unsave
s

Recommendations

Add interest / feed
Enter
Not interested
x

Go to

Home
gh
Interests
gi
Feeds
gf
Likes
gl
History
gy
Changelog
gc
Settings
gs
Discover
gb
Search
/

General

Show this help
?
Submit feedback
!
Close modal / unfocus
Esc

Press ? anytime to show this help