The Cybersecurity and Infrastructure Security Agency has updated its Known Exploited Vulnerabilities catalog to include a use-after-free security issue impacting Linux kernel versions from 5.14 to 6.6, tracked as CVE-2024-1086, which could be leveraged to enable arbitrary code execution and privilege escalation, SecurityWeek reports.While CISA has not reported any active exploitation of the vulnerability in ransomware attacks, federal agencies have been urged to address the bug — which affects Red Hat, AlmaLinux, SUSE, Ubuntu, Gentoo, and other Linux distributions — by June 20.Such an advisory comes months after the emergence of proof-of-concept exploit code developed by Notselwyn that had a 99.4% success rate. "The exploit is data-only and performs a kernel-space mirroring attack (KSMA) from userland with the novel Dirty Pagedirectory technique (pagetable confusion), where it is able to link any physical address (and its permissions) to virtual memory addresses by performing just read/writes to userland addresses," said Notselwyn.
Vulnerability Management, Patch/Configuration Management
CISA adds Linux kernel flaw to KEV list

(Adobe Stock)
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds