A local privilege escalation (LPE) security vulnerability in the Linux kernel, codename “PinTheft,” was publicly disclosed on May 19, 2026. The vulnerability was fixed in the mainline Linux kernel tree. A proof-of-concept exploit was published along with public disclosure. The vulnerability does not have a CVE ID assigned at the moment; o […]

The Ubuntu Blog provides updates, tutorials, and insights on the Ubuntu operating system and related projects. Covering topics such as Linux desktops, server administration, and cloud computing, the blog offers resources for developers and sysadmins working with Ubuntu. Developers can learn how to set up, configure, and optimize Ubuntu systems for development, deployment, and production environments by following the Ubuntu Blog.

Ubuntu

A local privilege escalation vulnerability dubbed 'PinTheft' was publicly disclosed on May 19, 2026, affecting the Linux kernel via a reference count bug in the RDS (Reliable Datagram Sockets) module. The flaw allows an attacker to poison the page cache and overwrite in-memory file contents, enabling root privilege escalation. Ubuntu's default configuration is not affected because it blacklists the RDS module from auto-loading. Ubuntu 20.04 LTS and later are affected if RDS is manually enabled. Commands are provided to check exposure and disable the module. A kernel patch has been merged upstream, with Ubuntu package updates forthcoming.

PinTheft Linux kernel vulnerability mitigation