Home / Security updates / Security Advisory - CVE-2026-46333 - ssh-keysign-pwn: Analysis, Scope, Remediation Plan
Security Advisory - CVE-2026-46333 - ssh-keysign-pwn: Analysis, Scope, Remediation Plan
Security updates detail rendered from /security-updates/upd_ed41ff74e51b2abb.
Overview
| ID | upd_ed41ff74e51b2abb |
| Collection | Security Updates |
| Provider | SafeBase |
| Company | Scaleway |
| URL | - |
| Counts | - |
| Updated | - |
Raw record
| Field | Value |
|---|---|
| id | upd_ed41ff74e51b2abb |
| providerId | safebase |
| organizationId | org_9c40dfe3f8d30eb8 |
| trustCenterId | tc_97ceaa0bb95c8ff7 |
| title | Security Advisory - CVE-2026-46333 - ssh-keysign-pwn: Analysis, Scope, Remediation Plan |
| message | # Security Advisory - CVE-2026-46333 - ssh-keysign-pwn: Analysis, Scope, Remediation Plan This is an information note regarding CVE-2026-46333. This vulnerability was reported on May 14, 2026. It represents a critical logical flaw within the Linux kernel’s process management and access control tracking logic, affecting a massive portion of deployed Linux systems globally. **Functional public exploits are currently available online**, making immediate verification and remediation critical for exposed systems. This flaw, located in the kernel's exit path (`do_exit`) and tracked within `ptrace` access checks, allows for Local Privilege Escalation (LPE) and severe Information Disclosure. - **On a standard server:** It allows a standard local unprivileged user to exploit a process race condition via `pidfd_getfd(2)`. By utilizing the public exploit code, an attacker can clone open file descriptors out of exiting privileged SUID binaries (such as `ssh-keysign` or `chage`) to read highl |
| url | - |
| publishedAt | 2026-05-19 |
| source | {
"field": "statuspage/public/compliance-update",
"category": "vulnerabilities"
} |
| company | {
"id": "org_9c40dfe3f8d30eb8",
"name": "Scaleway",
"domains": [
"security.scaleway.com",
"scaleway.com"
]
} |
| trust_center | {
"id": "tc_97ceaa0bb95c8ff7",
"name": "Scaleway",
"url": "https://security.scaleway.com",
"host": "security.scaleway.com"
} |
| provider | {
"id": "safebase",
"name": "SafeBase"
} |
| links | {
"self": "/v1/security-updates/upd_ed41ff74e51b2abb",
"company": "/v1/companies/org_9c40dfe3f8d30eb8",
"trust_center": "/v1/trust-centers/tc_97ceaa0bb95c8ff7",
"provider": "/v1/providers/safebase"
} |
Get this page with API
Rendered from the bluedoor Trust Centers API. Reproduce it:
GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_ed41ff74e51b2abbJSON