A critical Linux kernel zero-day vulnerability exploits a race condition during process exit to allow unprivileged users to steal file descriptors for root-owned files like /etc/shadow or SSH host keys. The flaw, fixed by Linus Torvalds in May 2026, stems from many years of kernels skipping dumpable checks when a task’s memory management has already been cleaned up.