CVE-2026-46333 ssh-keysign-pwn: The 9-Year Linux Kernel Bug You Need to Patch Now

A nine-year-old bug in the Linux kernel was disclosed publicly on May 21, 2026. Qualys Threat Research Unit named it CVE-2026-46333 ssh-keysign-pwn. Any local user on a vulnerable system can read /etc/shadow, steal SSH host keys, or run commands as root. Working exploits are already public. This is the fourth Linux kernel privilege escalation in three weeks, following Copy Fail, Dirty Frag, and Fragnesia. Patch immediately.

CVE-2026-46333 has lived in every Linux kernel since v4.10 in November 2016. Public exploits are circulating now.

What Is CVE-2026-46333 (ssh-keysign-pwn)?

The bug lives in the Linux kernel’s __ptrace_may_access() function. When a privileged process begins to exit, Linux should immediately block other processes from inspecting it through ptrace. A logic flaw in how the kernel checks the dumpable flag means that block happens a fraction too late.

In that window, an attacker uses pidfd_getfd() to grab open file descriptors from the dying privileged process. In practice, that means the open /etc/shadow handle from chage, the SSH private key handle from ssh-keysign, or dbus connections from pkexec.

The CVSS score is 5.5 (medium), reflecting the local-only attack vector. That score is misleading. A successful exploit gives the attacker root-level credentials and private keys. Local does not mean low priority when working exploits are already public. Qualys published the full technical advisory on the Qualys Threat Research Unit blog.

Am I Affected?

To check if your system needs the CVE-2026-46333 ssh-keysign-pwn patch, run:

uname -r

Every kernel from 4.10 up to, but not including, the patched release is vulnerable. That covers every Linux server built since November 2016. Confirmed affected distributions include Ubuntu 20.04, 22.04 and 24.04, Debian 10 through 12, Fedora, RHEL 8, 9 and 10, AlmaLinux and Rocky Linux, on any host that has not yet received the patched kernel.

Step 1: Apply the Immediate Mitigation (No Reboot)

Raising ptrace_scope to 2 blocks the attack path immediately. Apply this now while you prepare the kernel update.

Before scheduling a kernel update, apply the ptrace scope mitigation. This blocks the attack without a reboot:

# Apply immediately
sysctl kernel.yama.ptrace_scope=2

# Make permanent across reboots
echo "kernel.yama.ptrace_scope = 2" > /etc/sysctl.d/99-CVE-2026-46333.conf
sysctl -p /etc/sysctl.d/99-CVE-2026-46333.conf

# Verify
sysctl kernel.yama.ptrace_scope

Ptrace scope 2 limits memory inspection to parent-child process relationships only, blocking the attack path against unrelated set-UID binaries. The tradeoff: non-root users can no longer attach gdb or gcore to processes they did not spawn. On most production servers, this has no operational impact.

For stronger protection, use scope 3, which disables all unprivileged ptrace. This breaks some container runtimes and debugging tools, so test before deploying to busy environments:

echo "kernel.yama.ptrace_scope = 3" > /etc/sysctl.d/99-CVE-2026-46333.conf
sysctl -p /etc/sysctl.d/99-CVE-2026-46333.conf

Step 2: Install the Patched Kernel

The upstream fix is kernel commit 31e62c2ebbfd, titled “ptrace: slightly saner get_dumpable() logic”. All major distributions now ship patched kernels.

Ubuntu / Debian

apt update && apt upgrade -y
reboot

RHEL / AlmaLinux / Rocky Linux

dnf clean metadata && dnf upgrade kernel -y
reboot

For Rocky Linux 9, the patched kernel is kernel-5.14.0-611.55.1.el9_7.0.3 or later. Rocky 8 needs kernel-4.18.0-553.124.1.el8_10.0.2 or later from the opt-in security repository.

Fedora

dnf upgrade --refresh -y && reboot

CloudLinux / cPanel Servers

kcarectl --update
kcarectl --patch-info | grep CVE-2026-46333

If the CVE shows as patched, the sysctl mitigation is optional but worth keeping as defence-in-depth.

Step 3: Verify the Patch

After rebooting into the patched kernel, confirm the ptrace_scope sysctl is also active as a second layer of defence.

After rebooting, confirm the patched kernel and the sysctl setting are both in place:

uname -r
sysctl kernel.yama.ptrace_scope
cat /etc/sysctl.d/99-CVE-2026-46333.conf
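A small audit helper that combines the "Am I Affected?" kernel-version check with the Step 3 ptrace_scope check, so it can be run across a fleet before and after patching. This is an added example, not a script from the original post; the function names and the three status labels are this example's own choices, and it does not know per-distribution patched package versions, so "mitigated" means only that the sysctl from Step 1 is in effect.

```shell
#!/bin/sh
# Added example (not from the original post): report whether a host is in
# the kernel range affected by CVE-2026-46333 and whether the ptrace_scope
# mitigation is active. Function names are assumptions of this example.

# Return 0 if a kernel release string (e.g. "5.15.0-91-generic") is >= 4.10,
# the first version the advisory lists as affected; 2 on unparsable input.
kernel_in_affected_range() {
    ver=$1
    major=${ver%%.*}            # "5"
    rest=${ver#*.}              # "15.0-91-generic"
    minor=${rest%%[!0-9]*}      # "15"
    case "$major$minor" in
        ''|*[!0-9]*) return 2 ;;
    esac
    [ "$major" -gt 4 ] || { [ "$major" -eq 4 ] && [ "$minor" -ge 10 ]; }
}

# Return 0 if the given kernel.yama.ptrace_scope value is 2 or 3, the two
# settings Step 1 recommends; anything else (0, 1, "unknown") returns 1.
ptrace_scope_mitigated() {
    case "$1" in
        2|3) return 0 ;;
        *)   return 1 ;;
    esac
}

# Classify a host from a kernel release and a ptrace_scope value.
# Prints exactly one of: not-in-range, mitigated, exposed.
classify_host() {
    if ! kernel_in_affected_range "$1"; then
        echo "not-in-range"
    elif ptrace_scope_mitigated "$2"; then
        echo "mitigated"
    else
        echo "exposed"
    fi
}

# Live check against the running system; "unknown" if sysctl is unavailable.
audit_local_host() {
    release=$(uname -r)
    scope=$(sysctl -n kernel.yama.ptrace_scope 2>/dev/null || echo unknown)
    printf 'kernel=%s ptrace_scope=%s status=%s\n' \
        "$release" "$scope" "$(classify_host "$release" "$scope")"
}

audit_local_host
```

A host reporting "mitigated" still needs the patched kernel from Step 2; the script only confirms the sysctl layer.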

Rotate SSH Keys and Passwords If Exposed

If your server was unprotected before you applied the mitigation, and you have reason to believe it was targeted, rotate SSH host keys. The exploit reads the open file handle for private keys from ssh-keysign. An attacker who ran the exploit beforehand may hold a copy. Expect clients that cached the old host key to report a host key mismatch on their next connection.

rm /etc/ssh/ssh_host_*
ssh-keygen -A
systemctl restart sshd

Also consider rotating passwords for accounts whose hashes were accessible via /etc/shadow. The chage binary leaks the shadow file handle through the same exploit path. If hashes were taken, offline cracking is possible without further server access.

The Bigger Picture: Four Kernel CVEs in Three Weeks

This is the fourth serious Linux kernel vulnerability since late April 2026. Copy Fail on April 29, Dirty Frag on May 7, Fragnesia on May 13, and now ssh-keysign-pwn on May 21. Each is independent and needs its own patch. A server not updated since April needs all four mitigations:

# Copy Fail (algif_aead)
echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf
rmmod algif_aead 2>/dev/null || true

# Dirty Frag + Fragnesia (esp4/esp6/rxrpc)
printf 'install esp4 /bin/false\ninstall esp6 /bin/false\ninstall rxrpc /bin/false\n' > /etc/modprobe.d/disable-dirtyfrag.conf
rmmod esp4 esp6 rxrpc 2>/dev/null || true

# ssh-keysign-pwn (ptrace_scope)
echo "kernel.yama.ptrace_scope = 2" > /etc/sysctl.d/99-CVE-2026-46333.conf
sysctl -p /etc/sysctl.d/99-CVE-2026-46333.conf

One kernel update and one reboot replace all the individual mitigations with permanent upstream fixes for all four vulnerabilities. The CISA Known Exploited Vulnerabilities catalog tracks confirmed active exploitation for each CVE.

Conclusion

CVE-2026-46333 ssh-keysign-pwn sat undetected in the Linux kernel for nine years. Now that public exploits exist, every unpatched server is exposed the moment an attacker gets any local shell. Apply ptrace_scope=2 now, then update the kernel and reboot. If you are also working through the earlier kernel CVEs, our guide on patching Copy Fail CVE-2026-31431 covers the module mitigations for that family. And if you have not yet hardened your server baseline, start with the Linux server hardening checklist to reduce your overall attack surface before the next CVE lands.
