Black & White Path

May 17, 2026 · Information Security

From Normal User to Root: Inside the ssh-keysign-pwn Linux Kernel LPE (CVE‑2026‑46333)

The article details the ssh-keysign-pwn vulnerability (CVE‑2026‑46333), explaining its exit‑mm/exit‑files race condition, how ordinary users can steal SSH host keys and /etc/shadow via pidfd_getfd, the affected Linux distributions, exploit steps, mitigation measures, and the broader context of May 2026 kernel security disclosures.