PT-2026-41298 · Linux+4 · Linux Kernel+4

Alexander Peslyak

+1

·

Published

2026-05-15

·

Updated

2026-07-02

·

CVE-2026-46333

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.8 Linux kernel versions prior to 6.18.31 Linux kernel versions prior to 6.12.89 Linux kernel versions prior to 6.6.139 Linux kernel versions prior to 6.1.173 Linux kernel versions prior to 5.15.207 Linux kernel versions prior to 5.10.256
Description An improper privilege management issue exists in the Linux kernel's ptrace mechanism, specifically within the get dumpable() and ptrace may access() functions. The flaw stems from a logic error where the system incorrectly handles the dumpability of tasks that lack an associated memory management (mm) pointer, such as kernel threads. This allows an unprivileged local user to bypass privilege boundaries and access file descriptors of other processes. In certain scenarios, this can be exploited via a race condition during process shutdown to steal privileged file descriptors, leading to local root privilege escalation and the disclosure of sensitive credentials, including SSH private keys and /etc/shadow password hashes. Successful exploitation may require the Reliable Datagram Sockets (RDS) module to be loaded, io ring to be enabled, and the presence of a readable SUID-root binary on x86 64 systems.
Recommendations Update the Linux kernel to version 7.0.8 or newer. Update the Linux kernel to version 6.18.31 or newer. Update the Linux kernel to version 6.12.89 or newer. Update the Linux kernel to version 6.6.139 or newer. Update the Linux kernel to version 6.1.173 or newer. Update the Linux kernel to version 5.15.207 or newer. Update the Linux kernel to version 5.10.256 or newer.

Exploit

Fix

LPE

DoS

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

ALSA-2026:19568
ALSA-2026:19569
ALSA-2026:19664
ALSA-2026:19666
ALSA-2026:A008
ALSA-2026:A009
ALSA-2026:A010
BDU:2026-06912
CVE-2026-46333
OESA-2026-2415
OESA-2026-2416
OPENSUSE-SU-2026:10825-1
RHSA-2026:19521
RHSA-2026:19540
RHSA-2026:19568
RHSA-2026:19569
RHSA-2026:19664
RHSA-2026:19666
RHSA-2026:19705
RHSA-2026:19711
RHSA-2026:19875
RHSA-2026:20051
RHSA-2026:20054
RHSA-2026:20129
RHSA-2026:20130
RHSA-2026:20299
RHSA-2026:20593
RHSA-2026:21701
RHSA-2026:23468
RHSA-2026:23469
RHSA-2026:23470
RHSA-2026:23471
RHSA-2026:24814
SUSE-SU-2026:22029-1
SUSE-SU-2026:22030-1
SUSE-SU-2026:22031-1
SUSE-SU-2026:22032-1
SUSE-SU-2026:22033-1
SUSE-SU-2026:22034-1
SUSE-SU-2026:22035-1
SUSE-SU-2026:22037-1
SUSE-SU-2026:22038-1
SUSE-SU-2026:22039-1
SUSE-SU-2026:22040-1
SUSE-SU-2026:22042-1
SUSE-SU-2026:22402-1
SUSE-SU-2026:22411-1
SUSE-SU-2026:22412-1
SUSE-SU-2026:22425-1
SUSE-SU-2026:22462-1
SUSE-SU-2026:22474-1
SUSE-SU-2026:22488-1
SUSE-SU-2026:22489-1
USN-8370-1
USN-8371-1
USN-8373-1
USN-8374-1
USN-8388-1
USN-8388-2
USN-8393-1
USN-8426-1
USN-8426-2
USN-8440-1
USN-8461-1
USN-8462-1
USN-8489-1
USN-8497-1
USN-8499-1

Affected Products

Linuxmint
Linux Kernel
Red Os
Rocky Linux
Ubuntu