ismagilov/iStock/Getty Images Plus Follow ZDNET: Add us as a preferred source on Google. ZDNET’s key takeaways Another day, another Linux bug.  There is a patch out now.   However, it’s not available yet in most distros.  Linux’s latest kernel flaw doesn’t have a fancy name; it’s just called “ssh‑keysign‑pwn.” It’s the fourth high‑profile local security hole to hit Linux in just a few weeks. This one enables ordinary users to quietly read some of the most sensitive files on a system, including Secure Shell (SSH) host private keys and the shadow password file. The vulnerability gets its “ssh‑keysign‑pwn” nickname from one of the main exploitation paths: abusing OpenSSH’s ssh-keysign helper binary. Keysign -keysign is used for host‑based authentication and typically runs setuid root, opening the system’s SSH host keys before dropping privileges to complete its work. Also: The third major Linux kernel flaw in two weeks has been found – thanks to AI Just what we needed. Another annoying and potentially dangerous Linux bug. The flaw explained Security researchers at security company Qualys disclosed CVE‑2026‑46333, …