Another serious vulnerability. CVE-2026-46333
Unprivileged local user can steal hashed passwords (for offline brute force) and can steal SSH host keys (for MITM attack against the server, and no need to steal hashed passwords if the target privileged user logs in). Probably other attack vectors too now that this one is out in the wild.
This is not a direct LPE (so differs from the ‘frag’ series of LPEs) but it might as well be an LPE.
Yes rough times. Have only 2FA local users, no services on your value machines and Backups if they will be infected in future. Try to run offline without not necessary services. Strange times, patch soon.
If you don’t need the ptrace functionality then you can basically disable it and thereby mitigate this exploit until it is patched. I have not tried that personally because I have only myself as a user and I don’t run any untrusted code in a container (or otherwise). So the only real use of this vulnerability would be in combination with some RCE. As I understand it, it is a race condition, so is not quite as easy to exploit i.e. may require many iterations and hence may get detected before success. But the sooner patched the better.