The 4th Linux kernel flaw this month can lead to stolen SSH host keys

ID: 452facb6-4408-56bb-915f-c0dcb07641c3

STIX ID: report--452facb6-4408-56bb-915f-c0dcb07641c3

Feed Name: ZDNet Security

Threat Score: 75/100

Date Published: 2026-05-15

Date Updated: 2026-05-15

ZDNET reports on CVE-2026-46333 ("ssh-keysign-pwn"), a Linux kernel ptrace logic flaw that lets unprivileged users grab file descriptors from processes during shutdown (via pidfd_getfd), enabling theft of SSH host keys and shadow password hashes. Qualys released a reliable PoC, and kernel patches have been published for multiple branches. Short-term mitigations include tightening ptrace scope or disabling host-based SSH/ssh-keysign.
