oss-security - Logic bug in the Linux kernel's __ptrace_may_access() function
Message-ID:
Date: Fri, 15 May 2026 02:20:48 +0000
From: Qualys Security Advisory
To: "oss-security@...ts.openwall.com"
Subject: Logic bug in the Linux kernel's __ptrace_may_access() function
Hi all,
Today a vulnerability that we reported to security@...nel was fixed:
https://github.com/torvalds/linux/commit/31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a
Brad Spengler then published a brief analysis:
https://x.com/spendergrsec/status/2054974174926430322
From Altan Baig in that thread we learned that in 2020 Jann Horn had already proposed a patch for this issue:
https://lore.kernel.org/all/20201016024019.1882062-1-jannh@google.com/
https://lore.kernel.org/all/20201016230915.1972840-1-jannh@google.com/
Later today two exploits for this vulnerability were published by _SiCk:
https://github.com/0xdeadbeefnetwork/ssh-keysign-pwn
Today we also contacted the linux-distros@...nwall, but since exploits are already public we were told to send this to oss-security@...nwall instead, hence this post. We are not publishing our advisory yet, to give distributions and users a chance to patch.
We are at your disposal for questions, comments, further discussions.
Thank you very much! With best regards,
the Qualys Security Advisory team