9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros
ID: 2808cb02-e223-5929-a068-e273787ef3aa
STIX ID: report--2808cb02-e223-5929-a068-e273787ef3aa
Feed Name: The Hacker News
Linux kernel vulnerability CVE-2026-46333 (aka ssh-keysign-pwn) was disclosed with a public proof-of-concept; the flaw in ptrace_may_access() (introduced in 2016) allows local attackers to disclose /etc/shadow and SSH host private keys and to execute arbitrary commands as root on default Debian, Fedora, and Ubuntu installations. Distributors have released kernel updates; temporary mitigations include setting kernel.yama.ptrace_scope to 2 and rotating host keys/credentials for exposed hosts. The report also highlights a separate local LPE named PinTheft that abuses RDS zerocopy and io_uring to achieve root.
