[GTALUG] Federal agency warns critical Linux vulnerability being actively exploited
Ron / BCLUG
admin at bclug.ca
Fri May 31 15:27:27 EDT 2024
News is out about a fairly severe Linux vulnerability.
This is a new one:
> Federal agency warns critical Linux vulnerability being actively
> exploited
>
> Cybersecurity and Infrastructure Security Agency urges affected users
> to update ASAP.
> The vulnerability, tracked as CVE-2024-1086 and carrying a severity
> rating of 7.8 out of a possible 10, allows people who have already
> gained a foothold inside an affected system to escalate their system
> privileges. It’s the result of a use-after-free error, a class of
> vulnerability that occurs in software written in the C and C++
> languages when a process continues to access a memory location after
> it has been freed or deallocated. Use-after-free vulnerabilities can
> result in remote code or privilege escalation.
https://arstechnica.com/security/2024/05/federal-agency-warns-critical-linux-vulnerability-being-actively-exploited/
More information about the talk
mailing list