Nasty Linux Bug, CVE-2024-1086, is on the loose

'A few months back, CVE-2024-1086, a nasty use-after-free vulnerability in the Linux kernel's netfilter, was revealed. With a Common Vulnerability Scoring System (CVSS) score of 7.8, this bug, with the foundation for most Linux network firewall and Network Address Translation (NAT) programs, was a nasty little security hole. With it, Netfilter's table component could be exploited to achieve local privilege escalation. Worse still, you didn't need to be terribly clever to use it, so a local attacker could escalate privileges from a regular user to root in no time flat.

Adding insult to injury, this vulnerability was present in pretty much all the major Linux distributions, including Debian, Fedora, Red Hat, and Ubuntu. In short, pretty much any Linux distribution using any kernel version between 5.14 and 6.6.14 could be hacked. Ouch!

But, the fix has been in place since January 2024, when the flaw was patched. So, if we've been good little system administrators, we shouldn't have anything to worry about, right? Right!? Wrong. The US Cybersecurity and Infrastructure Security Agency (CISA) has flagged it and added it to the Known Exploited Vulnerabilities (KEV) catalog. It turns out that it's being actively exploited in the wild.'

-- source: https://opensourcewatch.beehiiv.com/p/nasty-linux-bug-cve20241086-loose

Cheers, Peter
Peter Reutemann