Linux kernel improper privilege management flaw (CVE-2026-46333)
Vulnerability
Summary
Hide ▲
Show ▼
A Linux kernel privilege-management flaw, CVE-2026-46333, can let unprivileged local users on Debian, Fedora, and Ubuntu disclose /etc/shadow and SSH host keys or execute commands as root. The issue was introduced in November 2016 and carries a CVSS score of 5.5. A public PoC released last week raises the urgency for systems that have not yet applied the kernel update or temporary hardening.
Related Happenings
Linux kernel RDS PinTheft local privilege escalation flaw (public PoC)
Vulnerability
First: 20.05.2026 13:52
Last: 20.05.2026 13:52
Sources 1
About this happening:
**PinTheft** now has a **public PoC exploit**, turning a recently patched **Linux kernel RDS** flaw into a practical **local privilege escalation** risk for **Arch Linux** systems...
Linux kernel RDS PinTheft local privilege escalation flaw (public PoC)
VulnerabilityAbout this happening: **PinTheft** now has a **public PoC exploit**, turning a recently patched **Linux kernel RDS** flaw into a practical **local privilege escalation** risk for **Arch Linux** systems...
Linux kernel rxgk local DirtyDecrypt/DirtyCBC privilege-escalation flaw (CVE-2026-31635)
Vulnerability
First: 18.05.2026 10:18
Last: 18.05.2026 10:18
Sources 1
About this happening:
A **proof-of-concept exploit** has been released for **DirtyDecrypt/DirtyCBC** (**CVE-2026-31635**), a **recently patched Linux kernel** flaw in **rxgk_decrypt_skb()** that can en...
Linux kernel rxgk local DirtyDecrypt/DirtyCBC privilege-escalation flaw (CVE-2026-31635)
VulnerabilityAbout this happening: A **proof-of-concept exploit** has been released for **DirtyDecrypt/DirtyCBC** (**CVE-2026-31635**), a **recently patched Linux kernel** flaw in **rxgk_decrypt_skb()** that can en...
Linux kernel Dirty Frag local root escalation privilege-escalation flaw
Vulnerability
First: 08.05.2026 10:45
Last: 08.05.2026 10:45
Sources 1
About this happening:
**Dirty Frag** is a newly disclosed **Linux kernel** zero-day that can give **local attackers root privileges** on **most major Linux distributions**. The flaw is anchored in the...
Linux kernel Dirty Frag local root escalation privilege-escalation flaw
VulnerabilityAbout this happening: **Dirty Frag** is a newly disclosed **Linux kernel** zero-day that can give **local attackers root privileges** on **most major Linux distributions**. The flaw is anchored in the...
CISA KEV action for CVE-2026-31431 and FCEB remediation
Public Sector Action
First: 03.05.2026 09:26
Last: 03.05.2026 09:26
Sources 1
About this happening:
CISA added **CVE-2026-31431** to its **KEV catalog**, putting **Federal Civilian Executive Branch (FCEB)** agencies on notice to remediate an actively exploited Linux privilege-es...
CISA KEV action for CVE-2026-31431 and FCEB remediation
Public Sector ActionAbout this happening: CISA added **CVE-2026-31431** to its **KEV catalog**, putting **Federal Civilian Executive Branch (FCEB)** agencies on notice to remediate an actively exploited Linux privilege-es...
Linux distributions mitigation advisories for CVE-2026-31431
Advisory/Mitigation
First: 30.04.2026 12:24
Last: 30.04.2026 12:24
Sources 1
About this happening:
Multiple **Linux distributions** released advisories for **CVE-2026-31431**, adding mitigation guidance for a **Linux kernel local privilege escalation** that can let an unprivile...
Linux distributions mitigation advisories for CVE-2026-31431
Advisory/MitigationAbout this happening: Multiple **Linux distributions** released advisories for **CVE-2026-31431**, adding mitigation guidance for a **Linux kernel local privilege escalation** that can let an unprivile...
Timeline
-
21.05.2026 10:35 2 articles · 6d ago
Linux kernel improper privilege management flaw (CVE-2026-46333)
Initial DisclosureThe flaw was introduced in **November 2016** and later confirmed as **CVE-2026-46333** in the **Linux kernel**. Early proof-of-concept testing showed that local access could be turned into root-level compromise or sensitive-file disclosure.
Show sources
- 9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros — thehackernews.com — 21.05.2026 10:35
- 9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros — thehackernews.com — 21.05.2026 10:35