CIFSwitch (CVE-2026-46243): Mitigation and Kernel Update on CloudLinux
Researcher Asim Manizada disclosed CIFSwitch, a Linux kernel local privilege escalation in the CIFS / SMB client's SPNEGO upcall path. The bug has been latent in the kernel since 2007 and the public proof-of-concept (manizada/CIFSwitch) shipped together with the oss-security disclosure on 2026-05-28. On affected hosts, any unprivileged local user can use it to gain root in a single command. The vulnerability is tracked as CVE-2026-46243.
PinTheft (CVE-2026-43494) kernel LPE: CloudLinux platforms are not affected
Researcher Aaron Esau and the V12 Security team disclosed PinTheft, a Linux kernel local privilege escalation that chains an RDS zerocopy reference-count bug with io_uring fixed buffers to overwrite the page cache of a SUID-root binary. A public proof-of-concept is available. Any unprivileged local user on an affected host can use it to gain root.
Linux Kernel ptrace Exit-race Vulnerability / ssh-keysign-pwn (CVE-2026-46333) — Mitigation and Kernel Update on CloudLinux
Right after the kernel privilege-escalation chain in the XFRM/ESP subsystem (Copy Fail, Dirty Frag, Fragnesia), Qualys disclosed a different Linux kernel issue, this time in the ptrace access-check path. CVE-2026-46333 is reserved for tracking this vulnerability. A public proof-of-concept exists. An unprivileged local user on an affected host can use it to read root-owned secrets (SSH host private keys and the shadow password database) without obtaining root privileges directly.
Fragnesia (CVE-2026-46300) — Mitigation and Kernel Update on CloudLinux
Less than a week after Dirty Frag, researcher William Bowling and the V12 team disclosed a third Linux kernel local privilege escalation in the same broad area (XFRM / ESP) and named it Fragnesia. A working public proof-of-concept exists. Any unprivileged local user can use it to gain root in a single command.
Reducing the time between upstream kernel releases

We at CloudLinux are on a mission to make Linux secure, stable and manageable, and to make system administrators’ lives feel like a walk in the park. We think that reducing the time between upstream kernel releases aligns with that mission.
CentOS 6 ELS kernel v.2.6.32-754.35.3 has been rolled out to 100%

CentOS 6 ELS kernel v.2.6.32-754.35.3.el6 has been rolled out to 100% and is now available for download from our production repository.
CentOS 6 ELS kernel v.2.6.32-754.35.3 has been scheduled for gradual rollout

CentOS 6 ELS kernel v.2.6.32-754.35.3.el6 has been scheduled for gradual rollout from our production repository.
CentOS 6 ELS kernel v.2.6.32-754.35.2 has been rolled out to 100%

CentOS 6 ELS kernel v.2.6.32-754.35.2.el6 has been rolled out to 100% and is now available for download from our production repository.
CentOS 6 ELS kernel v.2.6.32-754.35.2 has been scheduled for gradual rollout

CentOS 6 ELS kernel v.2.6.32-754.35.2.el6 has been scheduled for gradual rollout from our production repository.
CentOS 6 ELS kernel v.2.6.32-754.29.3 has been rolled out to 100%

CentOS 6 ELS kernel v.2.6.32-754.29.3.el6 has been rolled out to 100% and is now available for download from our production repository.





