Oracle Linux Kernel ptrace Vulnerability CVE-2026-46333 Disclosed

Oracle Linux Kernel ptrace Vulnerability CVE-2026-46333 Disclosed

First seen 22 May 2026, 13:58 UTC Linuxsecurity 80% similarity 74.0

Article Content

Browse articles
ThreatCluster

Oracle has disclosed a critical security vulnerability in the ptrace functionality of its Linux kernels, identified as CVE-2026-46333. This vulnerability affects multiple versions of Oracle Linux, including Oracle Linux 8, 9, and the Unbreakable Enterprise Kernel (UEK). The flaw allows unauthorized access to process memory, which could potentially be exploited to gain elevated privileges. The vulnerability was published on May 15, 2026, with a proof of concept (PoC) available as of May 16, 2026. Users are advised to apply the latest patches immediately to mitigate risks. The affected kernel versions include 6.12.0-202.76.4.3 and 5.15.0-320.202.8.4 for Oracle Linux 9 and 8, respectively. The issue has been confirmed by Oracle and is being treated with urgency due to its potential impact on system security.

Key Points: • CVE-2026-46333 affects Oracle Linux 8 and 9, allowing unauthorized process memory access. • Patches are available, and users are urged to update their systems immediately. • The vulnerability was disclosed on May 15, 2026, with a PoC released shortly after.

ThreatCluster AI

Timeline

2026-05-15
CVE-2026-46333 published
Oracle disclosed a ptrace vulnerability affecting multiple Oracle Linux versions, allowing unauthorized access to process memory.
Article 1
2026-05-16
First public PoC released
A proof of concept demonstrating the exploitation of CVE-2026-46333 was made public, increasing urgency for patching.
Article 1
2026-05-22
Patches released
Oracle released patches for the affected kernel versions, urging users to apply them to secure their systems.
Article 1

Community

Browse all →