10 Jun

CISA announced critical vulnerability in Linux Kernel

On Thursday, CISA added a security vulnerability affecting the Linux kernel to its Known Exploited Vulnerabilities (KEV) catalog and warned that it is being actively exploited.

The vulnerability, tracked as CVE-2024-1086 (CVSS score: 7.8), is a high-severity use-after-free bug in the netfilter component. It allows a local, unprivileged user to escalate privileges to root and potentially execute arbitrary code. CISA describes it as follows: “The Linux kernel contains a use-after-free vulnerability in the netfilter: nf_tables component, allowing a hacker to achieve local privilege escalation.”

Netfilter is a framework provided by the Linux kernel that implements various network-related functions through customizable hook handlers, enabling packet filtering and network address translation. The vulnerability was fixed in January 2024, but the exact nature of the attacks exploiting it remains unknown.

Additionally, a newly discovered security vulnerability affecting Check Point’s network products (CVE-2024-24919, CVSS score: 7.5) was added to the KEV catalog. This vulnerability allows attackers to read sensitive information on Internet-facing gateways that have remote access VPN or mobile access enabled.

Because CVE-2024-1086 and CVE-2024-24919 are being actively exploited, federal agencies are required to apply the relevant patches by June 20, 2024, to protect their networks from these threats.