• Tuesday, May 19, 2026

In May 2026 two further high-severity Linux kernel vulnerabilities were publicly disclosed, just weeks after Copy Fail:

  • Fragnesia (CVE-2026-46300, CVSS 7.8), disclosed on 13 May 2026, is a local privilege escalation flaw in the XFRM ESP-in-TCP subsystem. It lets an unprivileged local user write arbitrary bytes into the page cache of read-only files such as /usr/bin/su and gain root in a single command. No race condition is required and a public proof-of-concept exists.
  • ssh-keysign-pwn (CVE-2026-46333), disclosed on 14 May 2026, is a ptrace exit-race flaw that lets an unprivileged local user steal file descriptors from privileged processes during exit, reading root-owned files including SSH host private keys (/etc/ssh/ssh_host_*_key) and the password database (/etc/shadow). A public proof-of-concept exists.

Both flaws affect every mainstream Linux distribution, including Debian, Ubuntu, RHEL, AlmaLinux, Rocky, SUSE, Fedora and Arch. They are different bugs with different fixes, but on most distributions a single kernel upgrade and reboot resolves both.

What we have done

MMITech's entire infrastructure has been patched over the past few days. All hypervisors, internal servers and platform components are running fixed kernels. In some cases a VPS reboot was required as part of the host kernel upgrade.

Customers with a management agreement for their Linux VPS or dedicated server have already been upgraded by our engineers. Given the severity, we proceeded with the kernel update and reboot without prior individual notice. No action is required on your part.

What you need to do

If you run an unmanaged Linux VPS or dedicated server with us, please update the kernel and reboot as soon as possible. This applies to every Linux distribution.

Typical update commands:

  • Debian / Ubuntu: apt update && apt full-upgrade && reboot
  • RHEL / AlmaLinux / Rocky / Fedora: dnf upgrade --refresh && reboot

SSH host key rotation (ssh-keysign-pwn)

Because ssh-keysign-pwn is an information-disclosure flaw, your SSH host private keys should be considered potentially exposed if untrusted users had shell access on your server before the patch. To rotate the host keys:

rm /etc/ssh/ssh_host_*_key*
ssh-keygen -A
systemctl restart ssh   # ali sshd

Returning SSH clients will see a host-key-changed warning until their known_hosts is updated.

Need help?

 

If you are not comfortable performing the upgrade or rotating SSH host keys yourself, please open a support ticket and our team will assist you.

Back