Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
4180 articles · 176130 vulns · 37/41 feeds (7d)
← Back to list
7.1
CVE-2026-46333EXPLOITEDPATCHED
linux · linux_kernel

ptrace: slightly saner 'get_dumpable()' logic

Description

In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It's not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional "drop capabilities" model doesn't make any difference for this all. Make it all make a *bit* more sense by saying that if you don't have a MM pointer, we'll use a cached "last dumpability" flag if the thread ever had a MM (it will be zero for kernel threads since it is never set), and require a proper CAP_SYS_PTRACE capability to override.

Affected Products

VendorProductVersions
linuxlinux_kernelbfedb589252c01fa505ac9f6f2a3d5d68d707ef4, bfedb589252c01fa505ac9f6f2a3d5d68d707ef4, bfedb589252c01fa505ac9f6f2a3d5d68d707ef4, bfedb589252c01fa505ac9f6f2a3d5d68d707ef4, bfedb589252c01fa505ac9f6f2a3d5d68d707ef4, bfedb589252c01fa505ac9f6f2a3d5d68d707ef4, bfedb589252c01fa505ac9f6f2a3d5d68d707ef4, bfedb589252c01fa505ac9f6f2a3d5d68d707ef4, d5b3e840dbf6dd2c0f30b5982b6f5ecd49e46b12, 03eed7afbc09e061f66b448daf7863174c3dc3f3, e45692fa1aea06676449b63ef3c2b6e1e72b7578, 694a95fa6dae4991f16cda333d897ea063021fed, 3.16.52, 4.4.40, 4.8.16, 4.9.1, 4.10

Also Affects

Downstream vendors/products affected by this vulnerability

VendorProductSourceConfidence
debiandebian_linuxcve_cpe95%
linuxlinuxmitre_affected90%
open sourcelinux kernelcert_advisory90%

References

  • https://git.kernel.org/stable/c/93d4ba49d18e3d7fb41a9927c2d0cca5e9dfefd6
  • https://git.kernel.org/stable/c/15b828a46f305ae9f05a7c16914b3ce273474205
  • https://git.kernel.org/stable/c/4709234fd1b95136ceb789f639b1e7ea5de1b181
  • https://git.kernel.org/stable/c/8f907d345bae8f4b3f004c5abc56bf2dfb851ea7
  • https://git.kernel.org/stable/c/6e5b51e74a40d377bcd3081dd33fbaa0e1aa7e3d
  • https://git.kernel.org/stable/c/2a93a4fac7b6051d3be7cd1b015fe7320cd0404d
  • https://git.kernel.org/stable/c/01363cb3fbd0238ffdeb09f53e9039c9edf8a730
  • https://git.kernel.org/stable/c/31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a

Related News (20 articles)

Tier B
CERT-FR15h ago
Multiples vulnérabilités dans les produits Siemens (15 juillet 2026)
→ No new info (linked only)
Tier B
CERT-FR19d ago
Multiples vulnérabilités dans le noyau Linux d'Ubuntu (26 juin 2026)
→ No new info (linked only)
Tier C
Rapid7 Blog25d ago
Weekly Metasploit Update: NTLM Relay Priv Esc, MCP Server Integration, Paperclip AI RCE Chain, and more
→ No new info (linked only)
Tier B
CERT-FR40d ago
Multiples vulnérabilités dans le noyau Linux de SUSE (05 juin 2026)
→ No new info (linked only)
Tier D
The Hacker News51d ago
⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos
→ No new info (linked only)
Tier B
CERT-FR54d ago
Multiples vulnérabilités dans le noyau Linux de Red Hat (22 mai 2026)
→ No new info (linked only)
Tier B
CERT-FR54d ago
Multiples vulnérabilités dans le noyau Linux de Debian (22 mai 2026)
→ No new info (linked only)
Tier B
CERT-FR54d ago
Multiples vulnérabilités dans le noyau Linux de SUSE (22 mai 2026)
→ No new info (linked only)
Tier B
CERT-FR54d ago
Vulnérabilité dans le noyau Linux de Debian LTS (22 mai 2026)
→ No new info (linked only)
Tier D
The Hacker News55d ago
9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros
→ No new info (linked only)
Tier E
Lobsters Security55d ago
Logic bug in the Linux kernel's __ptrace_may_access() function (CVE-2026-46333)
→ No new info (linked only)
Tier C
oss-security55d ago
Re: Multiple vulnerabilities in AppArmor
→ No new info (linked only)
Tier C
oss-security56d ago
Re: Logic bug in the Linux kernel's __ptrace_may_access() function
→ No new info (linked only)
Tier C
Qualys Blog56d ago
CVE-2026-46333: Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel ptrace Path
→ No new info (linked only)
Tier C
Qualys Blog56d ago
CVE-2026-46333: Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel ptrace Path
→ No new info (linked only)
Tier B
BSI Advisories58d ago
[NEU] [mittel] Linux Kernel: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
→ No new info (linked only)
Tier A
Microsoft MSRC60d ago
CVE-2026-46333 ptrace: slightly saner 'get_dumpable()' logic
→ No new info (linked only)
Tier E
Hacker News60d ago
CVE-2026-46333 (SSH-keysign-pwn)
→ No new info (linked only)
Tier C
VulDB60d ago
CVE-2026-46333 | Linux Kernel up to 7.0.7 ptrace get_dumpable privilege escalation
→ No new info (linked only)
Tier C
Linux Kernel CVEs61d ago
CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic
→ No new info (linked only)
CVSS 3.17.1 HIGH
VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
CISA KEV❌ No
Actively exploited✅ Yes
Patch available
31e62c2
PublishedMay 15, 2026
Last enriched25d agov7
Tags
local privilege escalationcredential disclosurelogic buglocal-onlysevere impacthistorical exposurerace conditionfile disclosure
Trending Score93
Source articles20
Independent11
Info Completeness11/14
Missing: epss, kev, mitre_attack

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Related CVEs (5)

HIGHCVE-2026-31431EXPKEV
crypto: algif_aead - Revert to operating out-of-place
Trending: 146
HIGHCVE-2026-43284EXPKEV
xfrm: esp: avoid in-place decrypt on shared skb frags
Trending: 139
HIGHCVE-2026-46300EXP
net: skbuff: preserve shared-frag marker during coalescing
Trending: 81
NONECVE-2026-53359EXP
KVM: x86: Fix shadow paging use-after-free due to unexpected role
Trending: 72
CRITICALCVE-2026-31533EXP
net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption
Trending: 68

Pin to Dashboard

Verification

State: verified
Confidence: 0%

Vulnerability Timeline

CVE Published
May 15, 2026
Discovered by ZDM
May 15, 2026
Updated: affectedVersions
May 15, 2026
Updated: severity, exploitAvailable, activelyExploited
May 18, 2026
Updated: iocs, tags
May 20, 2026
Updated: description, patchAvailable, tags
May 20, 2026
Updated: description, affectedVersions, tags
May 21, 2026
Updated: cweIds, tags
Jun 19, 2026
Actively Exploited
Jul 1, 2026
Exploit Available
Jul 1, 2026
Patch Available
Jul 1, 2026

Version History

v7
Last enriched 25d ago
v7Tier C25d ago

Added CWE-362, updated tags to include 'race condition' and 'file disclosure', and confirmed no new patch version available.

cweIdstags
via Rapid7 Blog
v6Tier C55d ago

Updated description with detailed technical information and added new affected version v5.6-rc1 and new tags.

descriptionaffectedVersionstags
via Qualys Blog
v5Tier C55d ago

Updated description to include a logic bug in __ptrace_may_access() and added a new patch version along with new relevant tags.

descriptionpatchAvailabletags
via oss-security
v4Tier C55d ago

Updated description with detailed technical information about CVE-2026-46333, changed severity to HIGH, and added relevant tags and IOC.

iocstags
via Qualys Blog
v3Tier B58d ago

Updated severity to HIGH and marked the vulnerability as exploit available and actively exploited.

severityexploitAvailableactivelyExploited
via BSI Advisories
v2Tier C60d ago

Updated description with details about CVE-2026-46333, added affected version 7.0.7, and changed severity to HIGH.

affectedVersions
via VulDB
v161d ago

Initial creation