Red Hat published bulletin RHSB-2026-004 "File Descriptor Theft via Process Exit Race Condition" for a race condition in the Linux kernel: CVE-2026-46333, going around as "ssh-keysign-pwn" or "ptrace exit-race". Red Hat rates it Important, NVD lists CVSS 5.5. Affected are RHEL 8, 9 and 10 and OpenShift Container Platform 4. Rocky Linux and AlmaLinux already ship fixes, Red Hat tracks the rollout in the linked bulletin. Until the regular kernel patch is in, the official mitigation through the Yama ptrace scope applies.
Rocky Linux launches an optional security repository for critical hot-fixes as long as RHEL has no patch yet. First use case is Dirty Frag (CVE-2026-43284, CVE-2026-43500), a local privilege escalation in the Linux kernel with a working public PoC. The repo is not enabled by default and has to be switched on deliberately.
Red Hat has published bulletin RHSB-2026-003 "Dirty Frag" covering a local privilege escalation in the Linux kernel networking subsystem. The bulletin groups CVE-2026-43284 in the IPsec ESP path (Dirty Frag) and CVE-2026-46300 in the ESP-in-TCP variant (Fragnesia). Red Hat rates both as Important. Affected are RHEL 8, 9 and 10 plus OpenShift Container Platform 4. Patches are being expedited per the bulletin. Until they are in, one of the two official mitigations applies.
CVE-2026-31431 is a local privilege escalation in the Linux kernel crypto API. Red Hat rates it Important (CVSS 7.8). Affected are RHEL 8, 9 and 10 (kernel and kernel-rt) and OpenShift Container Platform 4. Until the kernel patch is in, the official boot-parameter mitigation should be on every RHEL host.
The characters \ / : ? * " < > | as well as leading and trailing spaces in file and directory names are generally problematic and cannot be used at all on some systems, e.g. the question mark on Windows.
The little admin guide available at docs.linuxfabrik.ch since 2020-12-01 is not a comprehensive introduction to Linux. It helps us solve many of our daily tasks in a "best practice" way.
The Center for Internet Security (CIS) recommends a partitioning scheme for RHEL and compatible distributions, with several directories like /home, /tmp, /var and /var/log on their own partitions. Using the Logical Volume Manager (LVM) keeps the administrative effort for later resizing manageable.
