Linux kernel netfilter use-after-free vulnerability can lead to local privilege escalation
Key Information
- Vendor
- Linux
- Status
- Kernel
- Vendor
- CVE Published:
- 31 January 2024
Badges
Summary
The CVE-2024-1086 vulnerability in the Linux kernel's netfilter: nf_tables component allows for local privilege escalation. This issue affects Linux kernels between v5.14 and v6.6, including Debian and Ubuntu. The exploit can lead to a double free vulnerability, potentially causing a security breach. There is no specific mention of exploitation by ransomware groups at this time. The recommended action is to upgrade past commit f342de4e2f33e0e39165d8639387aa6c19dff660 to address this security bug.
CISA Reported
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2024-1086 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace
The CISA's recommendation is: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Affected Version(s)
Kernel < 6.8
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
News Articles
CrowdStrike CVE-2024-1086Active Exploitation Observed for Linux Kernel Privilege Escalation Vulnerability (CVE-2024-1086)
Last week, CISA added CVE-2024-1086 to its Known Exploited Vulnerability Catalog. In this blog, we share the details of this vulnerability and how Crowdstrike’s customers are protected from exploitation.
6 months ago
CISA adds Linux kernel flaw to KEV list
The Cybersecurity and Infrastructure Security Agency has updated its Known Exploited Vulnerabilities catalog to include a use-after-free security issue impacting Linux kernel versions from 5.14 to 6.6, tracked as CVE-2024-1086, which could be leveraged to enable arbitrary code execution and privileg...
6 months ago
CISA warns of actively exploited Linux privilege elevation flaw
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added two vulnerabilities in its Known Exploited Vulnerabilities (KEV) catalog, including a Linux kernel privilege elevation flaw.
6 months ago
CVSS V3.1
Timeline
- 👾
Exploit exists.
- 🔥
Vulnerability reached the number 1 worldwide trending spot.
Vulnerability started trending.
First article discovered by daily.dev
Vulnerability published.
Vulnerability Reserved.