Ptrace Vulnerability in Linux Kernel Affecting Memory Management
CVE-2026-46333

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 15 May 2026

What is CVE-2026-46333?

A vulnerability in the Linux kernel's ptrace functionality raises concerns regarding task memory image management. This issue relates to 'dumpability' checks for processes without an associated memory management structure (mm). The ptrace_may_access() function includes 'dumpable' checks for processes in a way that diverges from its original intent. Specifically, it allows access to kernel threads without a proper memory management pointer, as long as the user has the necessary privileges. To enhance system security, users are now required to have the CAP_SYS_PTRACE capability to access detailed information about these kernel threads. This change aims to ensure better alignment between permission models and actual access capabilities, thus increasing the overall robustness of the Linux security framework.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 93d4ba49d18e3d7fb41a9927c2d0cca5e9dfefd6

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 15b828a46f305ae9f05a7c16914b3ce273474205

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 4709234fd1b95136ceb789f639b1e7ea5de1b181

References

https://git.kernel.org/stable/c/93d4ba49d18e3d7fb41a9927c...

https://git.kernel.org/stable/c/15b828a46f305ae9f05a7c169...

https://git.kernel.org/stable/c/4709234fd1b95136ceb789f63...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 15, 2026
Vulnerability Reserved
May 13, 2026

CVE-2026-46333 Data

JSON