Linux kernel flaw opens root-only files to unprivileged users
Briefly

"Another Linux kernel flaw has handed local unprivileged users a way to peek at files they should never be able to read, including root-only secrets such as SSH keys. The bug affects multiple LTS kernel lines from 5.10 upward, although a fix has already landed - and there is now a proposal for reducing the odds of similar surprises in future."
"CVE-2026-46333, a local kernel vulnerability that lets an unprivileged user read files they should not be able to access, including those normally available only to root. An attacker who already has login access to an affected machine could therefore potentially grab SSH keys, password files, or other confidential credentials, as the KnightLi blog explains."
"According to a report on Linux Stans, it affected LTS kernel versions 5.10, 5.15, 6.1, 6.6, 6.12, 6.18 and 7.0. The good news is that it's already been fixed: Linus himself, in commit 31e62c2, called the fix "ptrace: slightly saner 'get_dumpable()' logic.""
"This also seems like a good time to look at what we thought was an interesting new defensive measure, Jasper Nuyens' ModuleJail. The top line of the README summarizes it: Th"
A local kernel vulnerability, CVE-2026-46333, allows unprivileged users to read files they should not be able to access, including root-only secrets such as SSH keys and password files. Affected systems include multiple Linux LTS kernel lines starting from 5.10. The issue has already been fixed, in a commit described as making the ptrace get_dumpable logic “slightly saner.” The vulnerability was reported publicly, and the underlying issue had been identified earlier, dating back to 2020. A related defensive proposal, ModuleJail, aims to minimize the impact of similar bugs by constraining how kernel modules can affect system security. The proposal is presented as a radical approach to reducing the odds of future security surprises.
Read at theregister