9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros

Ravie LakshmananMay 21, 2026Linux / Vulnerability

Cybersecurity researchers have disclosed details of a vulnerability in the Linux kernel that remained undetected for nine years.

The vulnerability, tracked as CVE-2026-46333 (CVSS score: 5.5), is a case of improper privilege management that could permit an unprivileged local user to disclose sensitive files and execute arbitrary commands as root on default installations of several major distributions like Debian, Fedora, and Ubuntu. It's also codenamed ssh-keysign-pwn.

According to Qualys, which discovered the flaw, the problem is rooted in the kernel's __ptrace_may_access() function and was introduced in November 2016.

"The primitive is reliable and turns any local shell into a path to root or to sensitive credential material," Saeed Abbasi, senior manager of Threat Research Unit at Qualys, said.

9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros

Other newsrooms on this story

Related reading

New Fragnesia Linux flaw lets attackers gain root privileges

Linux kernel flaw opens root-only files to unprivileged users

Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major…

Critical New Linux Zero-Day Leaked—What Admins Need To Do Now

'Dirty Frag' Linux flaw one-ups CopyFail with no patches and public root exploit

Exploit available for new DirtyDecrypt Linux root escalation flaw