A critical logic flaw disclosed in the Linux kernel since November 2016 has been publicly disclosed by the Qualys Threat Research Unit (TRU), enabling unprivileged local attackers to steal SSH host private keys, read password hashes from /etc/shadow The vulnerability executes arbitrary commands as root on default installations of major Linux distributions. Tracked as CVE-2026-46333 and assigned a high severity rating, the […]
The post Nine-Year-Old Linux Kernel Flaw Allow Attackers to Exfiltrate SSH Private Keys appeared first on Cyber Security News.