Security News > 2024 > May > CISA warns of actively exploited Linux privilege elevation flaw

CISA warns of actively exploited Linux privilege elevation flaw
2024-05-31 19:30

The U.S. Cybersecurity & Infrastructure Security Agency has added two vulnerabilities in its Known Exploited Vulnerabilities catalog, including a Linux kernel privilege elevation flaw.

In late March 2024, a security researcher using the alias 'Notselwyn' published a detailed write-up and proof-of-concept exploit on GitHub, showcasing how to achieve local privilege escalation by exploiting the flaw on Linux kernel versions between 5.14 and 6.6.

CISA did not share specific details about how the vulnerability is exploited, but BleepingComputer has seen posts on hacking forums about the public exploits.

CISA warns of hackers exploiting Chrome, EoL D-Link bugs.

Check Point releases emergency fix for VPN zero-day exploited in attacks.

Google Chrome emergency update fixes 6th zero-day exploited in 2024.


News URL

https://www.bleepingcomputer.com/news/security/cisa-warns-of-actively-exploited-linux-privilege-elevation-flaw/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Linux 11 64 2602 1595 67 4328