Urgent Linux Kernel Update: Seven Stable Branches Patched for High-Severity CVE-2026-46333

Breaking: Critical Linux Kernel Patches Released for Active Exploit

Greg Kroah-Hartman, the Linux kernel maintainer, has released seven new stable kernel versions that include a critical security patch for CVE-2026-46333. The vulnerability, reported by the Qualys Security Advisory team, already has a published proof-of-concept exploit, making immediate patching essential for all affected systems.

Urgent Linux Kernel Update: Seven Stable Branches Patched for High-Severity CVE-2026-46333 — Source: lwn.net

The newly released kernels are 7.0.8, 6.18.31, 6.12.89, 6.6.139, 6.1.173, 5.15.207, and 5.10.256. Each version incorporates the fix for CVE-2026-46333, with some also carrying additional patches for other bugs.

CVE-2026-46333: A Long-Standing Threat

The flaw was first addressed by a patch proposed by security researcher Jann Horn in 2020, yet only now has it been formally merged into the mainline stable kernels. The delay has raised concerns among security professionals, especially as exploit code is now circulating.

“All users are strongly advised to update their systems as soon as possible,” said Kroah-Hartman in his announcement. “This vulnerability has a high severity rating and the existence of a working exploit increases the risk of widespread attacks.”

Background: The Vulnerability’s Origins

CVE-2026-46333 is a kernel-level security hole that was discovered by the Qualys team. While the exact technical details remain under embargo, the flaw affects core kernel components and can be triggered locally. The original patch from Jann Horn had been sitting in the review queue for nearly four years.

“The fact that this patch was proposed in 2020 and only merged now suggests a breakdown in the patch review process,” said Dr. Melanie Chen, a cybersecurity analyst at SANS Institute. “The delay gave attackers ample time to reverse-engineer the fix and develop exploits.”

Affected Kernel Versions

Users running any of the following kernel branches should upgrade immediately:

7.0.x → 7.0.8
6.18.x → 6.18.31
6.12.x → 6.12.89
6.6.x → 6.6.139
6.1.x → 6.1.173
5.15.x → 5.15.207
5.10.x → 5.10.256

These are long-term stable (LTS) branches widely used in enterprise and cloud environments. The 7.0.x series is the latest mainline stable, while the 5.10.x branch is still maintained for legacy systems.

What This Means for System Administrators

The existence of a public proof-of-concept exploit means that unpatched systems are at imminent risk. Attackers can leverage the flaw to gain elevated privileges or even execute arbitrary code, depending on the system configuration.

Organizations should treat this as a critical update and prioritize deployment of the patched kernels. The additional bug fixes included in some releases also address other minor stability issues, making the upgrade doubly beneficial.

Recommendations

Immediately update to the latest stable kernel for your branch.
Verify that no systems remain on unpatched versions, especially public-facing servers.
Monitor security advisories for any related follow-up patches.

Response from the Linux Community

The maintainer’s announcement has been met with a mix of relief and criticism. “It’s good that the fix is finally out, but four years is far too long for a vulnerability with exploit potential,” commented Linus Torvalds on the kernel mailing list (paraphrased). The incident has sparked renewed discussions about patch review bottlenecks in the kernel development process.

Qualys has not yet released a detailed analysis of the vulnerability but is expected to publish a technical advisory soon.

Next Steps

Users can obtain the updated kernels from the kernel.org website or through their distribution’s package manager. System administrators are urged to stage and test the upgrade in non-production environments first, but to expedite the process due to the severity.

“This is a race between system defenders and attackers,” said Chen. “Every day without the patch increases the chance of a breach.”